Re: [PHP] User's IP Validation
2010/6/16 Ashley Sheridan a...@ashleysheridan.co.uk On Wed, 2010-06-16 at 20:36 +0200, David Cesal wrote: Please, don't forget IP address can be same for many users. I see only way with cookies. When user deletes cookies, form pops up again. I don't know any better way. David Sent from my HTC -Original Message- From: Juan Rodriguez Monti j...@rodriguezmonti.com.ar Sent: 16. cervna 2010 20:26 To: php-general@lists.php.net Subject: [PHP] User's IP Validation Hi people, I would like to know the best way to perform some kind of validation for an application that I've written. I have a system that ask through an HTML Form some questions to users. I use some cookies to save some information from the user side. However, I would like to implement some code in PHP that would let me limit to 1 the number of times that the page with the questions was executed. I mean, the user fills the HTML's Form, then send it through an HTML Button, then PHP receives this informations and send an Email containing the replies to the questions. I would like to limit to one, the times one single user is able to execute this form. I thought getting the IP Address, then doing some kind of validation with it. However I don't know if using cookies is the best idea. I don't have access to a DataBase for this. So I thought might be a good idea write to a file in the server the IP, then perform some if to know if the user already replied the form. As far as I don't know which is the best way to code this, I felt free to ask you guys. Thanks a lot. Juan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Like others have said, unless you have specific user logins, there's no way to prevent people from viewing the form more than once. As you are emailing them the answers, I assume there is some form of login system being used, so you could use that, with some sort of flag to indicate the email has been sent. If you want to future-proof the system, you could use some sort of binary bit flag to indicate what forms they've been sent answers to, for example: 0 - no answers have been sent 1 - only the first set of answers 4 - the 3rd set of answers only 5 - the 3rd and 1st set of answers Yes, tha't s true. However I'm not using a DB for this little job. There's no login system. There's a little script that runs the form, and then send an email to some directions, but not for the user's Email address. I thought I should use cookies, however is far from secure. Thanks a lot people!. Juan
Re: [PHP] User's IP Validation
On Thu, 2010-06-17 at 12:07 -0300, Juan Rodriguez Monti wrote: 2010/6/16 Ashley Sheridan a...@ashleysheridan.co.uk On Wed, 2010-06-16 at 20:36 +0200, David Cesal wrote: Please, don't forget IP address can be same for many users. I see only way with cookies. When user deletes cookies, form pops up again. I don't know any better way. David Sent from my HTC -Original Message- From: Juan Rodriguez Monti j...@rodriguezmonti.com.ar Sent: 16. cervna 2010 20:26 To: php-general@lists.php.net Subject: [PHP] User's IP Validation Hi people, I would like to know the best way to perform some kind of validation for an application that I've written. I have a system that ask through an HTML Form some questions to users. I use some cookies to save some information from the user side. However, I would like to implement some code in PHP that would let me limit to 1 the number of times that the page with the questions was executed. I mean, the user fills the HTML's Form, then send it through an HTML Button, then PHP receives this informations and send an Email containing the replies to the questions. I would like to limit to one, the times one single user is able to execute this form. I thought getting the IP Address, then doing some kind of validation with it. However I don't know if using cookies is the best idea. I don't have access to a DataBase for this. So I thought might be a good idea write to a file in the server the IP, then perform some if to know if the user already replied the form. As far as I don't know which is the best way to code this, I felt free to ask you guys. Thanks a lot. Juan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Like others have said, unless you have specific user logins, there's no way to prevent people from viewing the form more than once. As you are emailing them the answers, I assume there is some form of login system being used, so you could use that, with some sort of flag to indicate the email has been sent. If you want to future-proof the system, you could use some sort of binary bit flag to indicate what forms they've been sent answers to, for example: 0 - no answers have been sent 1 - only the first set of answers 4 - the 3rd set of answers only 5 - the 3rd and 1st set of answers Yes, tha't s true. However I'm not using a DB for this little job. There's no login system. There's a little script that runs the form, and then send an email to some directions, but not for the user's Email address. I thought I should use cookies, however is far from secure. Thanks a lot people!. Juan What email address are you sending the instructions to then? I had assumed it was to the person who filled in the form? Thanks, Ash http://www.ashleysheridan.co.uk
[PHP] User's IP Validation
Hi people, I would like to know the best way to perform some kind of validation for an application that I've written. I have a system that ask through an HTML Form some questions to users. I use some cookies to save some information from the user side. However, I would like to implement some code in PHP that would let me limit to 1 the number of times that the page with the questions was executed. I mean, the user fills the HTML's Form, then send it through an HTML Button, then PHP receives this informations and send an Email containing the replies to the questions. I would like to limit to one, the times one single user is able to execute this form. I thought getting the IP Address, then doing some kind of validation with it. However I don't know if using cookies is the best idea. I don't have access to a DataBase for this. So I thought might be a good idea write to a file in the server the IP, then perform some if to know if the user already replied the form. As far as I don't know which is the best way to code this, I felt free to ask you guys. Thanks a lot. Juan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] User's IP Validation
If this is an open site, using the IP won't be any good. We have over 200 people behind our NAT firewall, all of which would show up as coming from the same IP on your server. Many other networks have the same or a similar configuration. If you only allow registered users, add a couple of flags to your user table and set one of them when they fill out the form. Don't show them the form after it is set. Having a couple, you can do a couple of questionnaires simultaneously, and clear the matching flag when you close the form. Bob McConnell -Original Message- From: Juan Rodriguez Monti [mailto:j...@rodriguezmonti.com.ar] Sent: Wednesday, June 16, 2010 2:26 PM To: php-general@lists.php.net Subject: [PHP] User's IP Validation Hi people, I would like to know the best way to perform some kind of validation for an application that I've written. I have a system that ask through an HTML Form some questions to users. I use some cookies to save some information from the user side. However, I would like to implement some code in PHP that would let me limit to 1 the number of times that the page with the questions was executed. I mean, the user fills the HTML's Form, then send it through an HTML Button, then PHP receives this informations and send an Email containing the replies to the questions. I would like to limit to one, the times one single user is able to execute this form. I thought getting the IP Address, then doing some kind of validation with it. However I don't know if using cookies is the best idea. I don't have access to a DataBase for this. So I thought might be a good idea write to a file in the server the IP, then perform some if to know if the user already replied the form. As far as I don't know which is the best way to code this, I felt free to ask you guys. Thanks a lot. Juan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] User's IP Validation
Please, don't forget IP address can be same for many users. I see only way with cookies. When user deletes cookies, form pops up again. I don't know any better way. David Sent from my HTC -Original Message- From: Juan Rodriguez Monti j...@rodriguezmonti.com.ar Sent: 16. cervna 2010 20:26 To: php-general@lists.php.net Subject: [PHP] User's IP Validation Hi people, I would like to know the best way to perform some kind of validation for an application that I've written. I have a system that ask through an HTML Form some questions to users. I use some cookies to save some information from the user side. However, I would like to implement some code in PHP that would let me limit to 1 the number of times that the page with the questions was executed. I mean, the user fills the HTML's Form, then send it through an HTML Button, then PHP receives this informations and send an Email containing the replies to the questions. I would like to limit to one, the times one single user is able to execute this form. I thought getting the IP Address, then doing some kind of validation with it. However I don't know if using cookies is the best idea. I don't have access to a DataBase for this. So I thought might be a good idea write to a file in the server the IP, then perform some if to know if the user already replied the form. As far as I don't know which is the best way to code this, I felt free to ask you guys. Thanks a lot. Juan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] User's IP Validation
On Wed, 2010-06-16 at 20:36 +0200, David Cesal wrote: Please, don't forget IP address can be same for many users. I see only way with cookies. When user deletes cookies, form pops up again. I don't know any better way. David Sent from my HTC -Original Message- From: Juan Rodriguez Monti j...@rodriguezmonti.com.ar Sent: 16. cervna 2010 20:26 To: php-general@lists.php.net Subject: [PHP] User's IP Validation Hi people, I would like to know the best way to perform some kind of validation for an application that I've written. I have a system that ask through an HTML Form some questions to users. I use some cookies to save some information from the user side. However, I would like to implement some code in PHP that would let me limit to 1 the number of times that the page with the questions was executed. I mean, the user fills the HTML's Form, then send it through an HTML Button, then PHP receives this informations and send an Email containing the replies to the questions. I would like to limit to one, the times one single user is able to execute this form. I thought getting the IP Address, then doing some kind of validation with it. However I don't know if using cookies is the best idea. I don't have access to a DataBase for this. So I thought might be a good idea write to a file in the server the IP, then perform some if to know if the user already replied the form. As far as I don't know which is the best way to code this, I felt free to ask you guys. Thanks a lot. Juan -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php Like others have said, unless you have specific user logins, there's no way to prevent people from viewing the form more than once. As you are emailing them the answers, I assume there is some form of login system being used, so you could use that, with some sort of flag to indicate the email has been sent. If you want to future-proof the system, you could use some sort of binary bit flag to indicate what forms they've been sent answers to, for example: 0 - no answers have been sent 1 - only the first set of answers 4 - the 3rd set of answers only 5 - the 3rd and 1st set of answers etc. This would allow you to use one field to hold sent info on as many forms as you need. Thanks, Ash http://www.ashleysheridan.co.uk
[PHP] User's IP Address
Hi! Is there any possibility to get PHP page viewer's ip address.. for example $addr=some_function_that_returns_viewer's_address() or something like that? Thanks, Maris -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] User's IP Address
On Thu, 21 Mar 2002, Maris Kalnins wrote: Is there any possibility to get PHP page viewer's ip address.. for example $addr=some_function_that_returns_viewer's_address() $REMOTE_ADDR You might want to play with phpinfo() - it tells you a lot. miguel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [Re: [PHP] user's ip]
On 7 Aug 01, at 14:02, René Moonen wrote: The problem is that REMOTE_ADDR returns the IP address of the proxy (if if(getenv(HTTP_X_FORWARDED_FOR)) { $ip=getenv(HTTP_X_FORWARDED_FOR); } else { $ip=getenv(REMOTE_ADDR); } $host = gethostbyaddr($ip); except, perhaps, when there's also a firewall with NAT/MASQ involved - in that case you'll probably not get much closer than the firewall's IP address (at least, that's how it is on my network). CYA, Dave --- Outback Queensland Internet - Longreach, Outback Queensland - Australia http://www.outbackqld.net.au mailto:[EMAIL PROTECTED] --- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] user's ip
On Tue, 7 Aug 2001, Renze Munnik wrote: On Tue, Aug 07, 2001 at 03:55:25PM +0530, Adrian D'Costa wrote: Hi, I am trying to get the ip address of any user browsing a particular page. I tried $REMOTE_ADDR but that give me only the remote address. What would be the best way? Adrian Okay... Help me out here... You want to know someones IP-address and using $REMOTE_ADDR you get the IP-address of the user. What's the problem man?!?!?! Well man:), my script show only the website's ipaddress. Adrian -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] user's ip
On Wed, Aug 08, 2001 at 12:45:32PM +1000, Chris Birmingham wrote: I would use $HTTP_SERVER_VARS[REMOTE_ADDR] or $HTTP_SERVER_VARS[HTTP_X_FORWARDED_FOR] to return the IP address.. I have seen, people using if($ip == $REMOTE_ADDR) { // do whatever } but in some configurations of PHP this can be a bad thing.. index.php?REMOTE_ADDR=10.0.0.1 would override the variable $REMOTE_ADDR (in SOME configurations) Its probably alot harder for a malicious user to fake the HTTP_SERVER_VARS array than just a normal variable. Just my .02c :) Regards Chris You could not be more right! Always use stuff like $HTTP_SERVER_VARS, $HTTP_POST_VARS, etc. It's the savest/best way! -- * RzE: -- -- Renze Munnik -- DataLink BV -- -- E: [EMAIL PROTECTED] -- W: +31 23 5326162 -- F: +31 23 5322144 -- M: +31 6 21811143 -- H: +31 23 5516190 -- -- Stationsplein 82 -- 2011 LM HAARLEM -- -- http://www.datalink.nl -- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] user's ip
On Tue, Aug 07, 2001 at 03:55:25PM +0530, Adrian D'Costa wrote: Hi, I am trying to get the ip address of any user browsing a particular page. I tried $REMOTE_ADDR but that give me only the remote address. What would be the best way? Adrian Okay... Help me out here... You want to know someones IP-address and using $REMOTE_ADDR you get the IP-address of the user. What's the problem man?!?!?! -- * RzE: -- -- Renze Munnik -- DataLink BV -- -- E: [EMAIL PROTECTED] -- W: +31 23 5326162 -- F: +31 23 5322144 -- M: +31 6 21811143 -- H: +31 23 5516190 -- -- Stationsplein 82 -- 2011 LM HAARLEM -- -- http://www.datalink.nl -- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP] user's ip
Read this: http://www.php.net/manual/en/function.getenv.php $ip = getenv (REMOTE_ADDR); == Karl Phillipson PHP SQL Programmer Saffron Hill Ventures 67 Clerkenwell Road London EC1R 5BL Saffron Hill: 0207 693 8300 Direct Line: 0207 693 8318 -Original Message- From: Adrian D'Costa [mailto:[EMAIL PROTECTED]] Sent: 07 August 2001 11:25 To: php general list Subject: [PHP] user's ip Hi, I am trying to get the ip address of any user browsing a particular page. I tried $REMOTE_ADDR but that give me only the remote address. What would be the best way? Adrian -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[Re: [PHP] user's ip]
The problem is that REMOTE_ADDR returns the IP address of the proxy (if the user accesses the web-page via a proxy. This will allways return the IP address of the user's machine: if(getenv(HTTP_X_FORWARDED_FOR)) { $ip=getenv(HTTP_X_FORWARDED_FOR); } else { $ip=getenv(REMOTE_ADDR); } $host = gethostbyaddr($ip); Renze Munnik wrote: On Tue, Aug 07, 2001 at 03:55:25PM +0530, Adrian D'Costa wrote: Hi, I am trying to get the ip address of any user browsing a particular page. I tried $REMOTE_ADDR but that give me only the remote address. What would be the best way? Adrian Okay... Help me out here... You want to know someones IP-address and using $REMOTE_ADDR you get the IP-address of the user. What's the problem man?!?!?! -- * RzE: -- -- Renze Munnik -- DataLink BV -- -- E: [EMAIL PROTECTED] -- W: +31 23 5326162 -- F: +31 23 5322144 -- M: +31 6 21811143 -- H: +31 23 5516190 -- -- Stationsplein 82 -- 2011 LM HAARLEM -- -- http://www.datalink.nl -- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [Re: [PHP] user's ip]
On Tue, Aug 07, 2001 at 02:01:04PM +0200, René Moonen wrote: The problem is that REMOTE_ADDR returns the IP address of the proxy (if the user accesses the web-page via a proxy. This will allways return the IP address of the user's machine: if(getenv(HTTP_X_FORWARDED_FOR)) { $ip=getenv(HTTP_X_FORWARDED_FOR); } else { $ip=getenv(REMOTE_ADDR); } $host = gethostbyaddr($ip); Ahh see, that wasn't clear in the question. Yeah... that's true. Pain in the ass those proxies. They're also realy useful while testing your (dynamic) site. NOT!!! Hey, what's this? I thought I'd realy changed that error. How's this possible?, Didn't I just change the background-color? Why is it still the same? BECAUSE THE DAMN PROXY DOESN'T WANT TO SHOW YOU THE NEW VERSION. No... cache, cache, cache... Damn things always come up with pages that are (way) to old! But anyway... that's not what this was about (just my own frustration). But I just don't use the proxy nomore. Only for testing things like REMOTE_ADDR etc. But thank you for specifying the question. And eh, you're right. I just didn't know the question was about this problem. -- * RzE: -- -- Renze Munnik -- DataLink BV -- -- E: [EMAIL PROTECTED] -- W: +31 23 5326162 -- F: +31 23 5322144 -- M: +31 6 21811143 -- H: +31 23 5516190 -- -- Stationsplein 82 -- 2011 LM HAARLEM -- -- http://www.datalink.nl -- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] user's ip
Hello Adrian, Tuesday, August 07, 2001, 12:25:25 PM, you wrote: ADC Hi, ADC I am trying to get the ip address of any user browsing a particular page. ADC I tried $REMOTE_ADDR but that give me only the remote address. What would ADC be the best way? When you recieve a remote_host_name you can find out a ip with gethostbyname(String name_recieved) I hope it helps -- Best regards, Danielmailto:[EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [Re: [PHP] user's ip]
At 07.08.2001 13:06, Renze Munnik wrote: Ahh see, that wasn't clear in the question. Yeah... that's true. Pain in the ass those proxies. They're also realy useful while testing your (dynamic) site. NOT!!! Hey, what's this? I thought I'd realy changed that error. How's this possible?, Didn't I just change the background-color? Why is it still the same? BECAUSE THE DAMN PROXY DOESN'T WANT TO SHOW YOU THE NEW VERSION. No... cache, cache, cache... Damn things always come up with pages that are (way) to old! 1) proxies should cache dynamic content 2) proxies should not retrieve from cache if the request is a force-refresh 3) proxies should not cache any content which URL includes ? Sounds like you've got yourself a poor proxy there, I've certainly never seen any problem with developing through my proxy, apart from those pesky doubleclick ads seem to disappear wonder why... -- Andreas D Landmark / noXtension Real Time, adj.: Here and now, as opposed to fake time, which only occurs there and then. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP] user's ip
I would use $HTTP_SERVER_VARS[REMOTE_ADDR] or $HTTP_SERVER_VARS[HTTP_X_FORWARDED_FOR] to return the IP address.. I have seen, people using if($ip == $REMOTE_ADDR) { // do whatever } but in some configurations of PHP this can be a bad thing.. index.php?REMOTE_ADDR=10.0.0.1 would override the variable $REMOTE_ADDR (in SOME configurations) Its probably alot harder for a malicious user to fake the HTTP_SERVER_VARS array than just a normal variable. Just my .02c :) Regards Chris -Original Message- From: Renze Munnik [mailto:[EMAIL PROTECTED]] Sent: Tuesday, 7 August 2001 10:07 PM To: [EMAIL PROTECTED] Subject: Re: [Re: [PHP] user's ip] On Tue, Aug 07, 2001 at 02:01:04PM +0200, René Moonen wrote: The problem is that REMOTE_ADDR returns the IP address of the proxy (if the user accesses the web-page via a proxy. This will allways return the IP address of the user's machine: if(getenv(HTTP_X_FORWARDED_FOR)) { $ip=getenv(HTTP_X_FORWARDED_FOR); } else { $ip=getenv(REMOTE_ADDR); } $host = gethostbyaddr($ip); Ahh see, that wasn't clear in the question. Yeah... that's true. Pain in the ass those proxies. They're also realy useful while testing your (dynamic) site. NOT!!! Hey, what's this? I thought I'd realy changed that error. How's this possible?, Didn't I just change the background-color? Why is it still the same? BECAUSE THE DAMN PROXY DOESN'T WANT TO SHOW YOU THE NEW VERSION. No... cache, cache, cache... Damn things always come up with pages that are (way) to old! But anyway... that's not what this was about (just my own frustration). But I just don't use the proxy nomore. Only for testing things like REMOTE_ADDR etc. But thank you for specifying the question. And eh, you're right. I just didn't know the question was about this problem. -- * RzE: -- -- Renze Munnik -- DataLink BV -- -- E: [EMAIL PROTECTED] -- W: +31 23 5326162 -- F: +31 23 5322144 -- M: +31 6 21811143 -- H: +31 23 5516190 -- -- Stationsplein 82 -- 2011 LM HAARLEM -- -- http://www.datalink.nl -- -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]