Hello, I have a contact form but, when my users submit my form, I need the form to include their IP address. How do I do this with the php script I am using? Thanks
In the form you need the following hidden variable: <?php $ipaddress = GetHostByName($REMOTE_ADDR); ?> <input type="hidden" name="ipaddress" value="<?php echo $ipaddress ?>"> PHP: And then in the processing side you just use the $ipaddress variable in the same way you use the other variables.
i suggest to attach this ip adress right before you call the the mail() function to the end of your mailtext-var. it dosnt needs much to override this hidden field and insert whatever you want at this place.
The only problem with the hidden field is that I could change that value to whatever I wanted. Any POST or GET field can be changed by the user. *NEVER* trust any user input. EVER. You need to grab their IP after the form has been submitted - so you get the submitters IP. For example: <?php if($_POST['send_mail']) { //get your other fields here $ip = $_SERVER['REMOTE_ADDR']; $email_body .= "\n\n$ip"; //mail(); echo "Thanks for sending me an email!"; } else { ?> <!-- your mail form here --> <?php } ?> Code (markup): -the mole
Here's what I use, it's a bit more bulletproof to return an IP in all cases... $user_ip = $_SERVER['REMOTE_ADDR']; if (trim($user_ip) == '') { $user_ip = $_SERVER['HTTP_CLIENT_IP']; } if (trim($user_ip) == '') { $user_ip = $_SERVER['HTTP_X_FORWARDED_FOR']; } PHP:
Please note, $REMOTE_ADDR only works when register_globals under php.ini is turned on (it is turned off on default installations). I'd recommend going with the correct way, $_SERVER['REMOTE_ADDR'] Just my two cents.
Something I use: $ip = (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; PHP: @webbist only turned off by default in PHP versions 4.2.0 and later. Also, many webhosts turn it ON. And most folks do not have access to php.ini. While on the subject of register_globals, here's a way to turn it off using .htaccess: php_flag register_globals 0 Code (markup): But note, on some servers it may cause a 500 internal server error.
When I use it it doesn't work. I have it on http://thewebmasterstool.com/'s poll and it lets me vote more than once. How can I solve that?
1. Try to reverse it (look for http_x_... before remote_dir) 2. Let us see the code you use to prevent same IP voting.
This is the script I am using: <?php include 'config.php'; mysql_connect("$host", "$user", "$pass") or die(mysql_error()); mysql_select_db("$dbname") or die(mysql_error()); $ip = $_SERVER['REMOTE_ADDR']; if (trim($ip) == '') { $ip = $_SERVER['HTTP_CLIENT_IP']; } if (trim($ip) == '') { $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; } $query = mysql_query("select * from vote where ip='$ip'"); $countbans = mysql_num_rows($query); if($countbans > 0) { include "results.php"; echo("You have Already Voted!"); }else{ $action = $_GET['action']; if(!isset($action) || empty($action) || $action !== "addvote"){ echo("<form name='form1' method='post' action='?action=addvote'> <table width='100%' border='0' cellspacing='2' cellpadding='0'> <tr> <td colspan='2'><div align='left'>Do you like my site?</div></td> </tr> <tr> <td width='19%'><input type='radio' name='vote' value='ex'></td> <td width='81%' bgcolor='#F4F4F4'>It's Excellent!</td> </tr> <tr> <td><input type='radio' name='vote' value='co'></td> <td bgcolor='#F4F4F4'>Pretty Cool</td> </tr> <tr> <td><input type='radio' name='vote' value='ok'></td> <td bgcolor='#F4F4F4'>OK</td> </tr> <tr> <td><input type='radio' name='vote' value='ha'></td> <td bgcolor='#F4F4F4'>Hate It!</td> </tr> <tr> <td></td> <td><input type='submit' name='Submit' value='Vote!'></td> </tr> </table> </form>"); }elseif($action == "addvote"){ //show result echo "<p><h4>Thank you For Voting</h4></p>"; $vote = $_POST['vote']; include 'config.php'; $ip = $_SERVER['REMOTE_ADDR']; if (trim($ip) == '') { $ip = $_SERVER['HTTP_CLIENT_IP']; } if (trim($ip) == '') { $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; } mysql_connect("$host", "$user", "$pass") or die(mysql_error()); mysql_select_db("$dbname") or die(mysql_error()); mysql_query("INSERT INTO `vote` (`vote` , `ip` ) VALUES ('$vote', '$ip')"); } } ?> PHP:
Try this: Remove: if (trim($ip) == '') { $ip = $_SERVER['HTTP_CLIENT_IP']; } if (trim($ip) == '') { $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; }