Geotargeting code, please help improve security, and maybe the code itself.

Discussion in 'PHP' started by ddany24, May 3, 2007.

    I've made a geotargeting script. Basically it gets the user's IP, then checks it in my database. The database contains all the IP classes in the world and the countries they are from. It gets the user's country, and then the code decides what page that user should visit.
    For example, if the code determines that the user's IP is French it redirects him to a French page of my website.

    The problem is this: I got hacked using this code. I had hosting at dwhs.com at that time. I kept the code on my index page, and yes, my index page was PHP. So I think this is one of the reasons that I got hacked. A hacker exploited my code and inserted a JavaScript at the bottom of my page. So basically I would be happy if you could please check this code for PHP security issues.

    One more thing, I would like to improve it. Maybe make it in a way so it can detect a surfer's real IP even if he uses a proxy. After it detects the user's real IP, then it redirects him to the page I want him to.

    Basically I use this code to keep some countries out of my website.
    Thank you very much.
    The code is:

    <?php
    $DatabaseServer = "";
    $Username = "";
    $Password = "";
    $DatabaseName = "";
    $MyIP = "";       // your own IP, so you are never redirected yourself
    $TargetPage = ""; // the page you want to open

    // mysqli replaces the mysql_* functions, which no longer exist in current PHP
    $link = mysqli_connect($DatabaseServer, $Username, $Password, $DatabaseName) or die('Could not connect: ' . mysqli_connect_error());
    $IP = $_SERVER["REMOTE_ADDR"]; // Get the IP address (the TCP peer, as seen by the web server)

    // Look up the IP address: bind it as a parameter instead of pasting it into the SQL string
    $stmt = mysqli_prepare($link, "SELECT country_code2,country_name FROM csv WHERE IP_FROM<=inet_aton(?) AND IP_TO>=inet_aton(?)");
    mysqli_stmt_bind_param($stmt, "ss", $IP, $IP);
    mysqli_stmt_execute($stmt);

    $CountryCode = ""; // two-letter country code
    $CountryName = ""; // full country name
    mysqli_stmt_bind_result($stmt, $CountryCode, $CountryName);
    mysqli_stmt_fetch($stmt); // both stay empty if the IP is not in the table
    mysqli_stmt_close($stmt);

    // The original "!$IP == ..." negated $IP before comparing; "!=" is what was meant.
    // Check which code your table uses for the United Kingdom: ISO 3166 has "GB", not "UK".
    if ($CountryCode == "UK" && $IP != $MyIP)
    {
        header("Location: " . $TargetPage);
        exit; // stop here so the rest of the page is not sent after the redirect
    }
    else
    {
        echo "hey";
    }
    ?>
     
    ddany24, May 3, 2007
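As an added example (not the poster's code and not anything supplied by the thread or by dwhs.com), the two things the post asks for side by side: validating the address before it goes anywhere near a query, and finding the client's address when a proxy sits in front of the server. The trusted-proxy address, the IP ranges and the sample requests are constructed for illustration; the in-memory lookup stands in for the poster's csv table and applies the same range comparison as the SQL query.

```php
<?php
// Added example, not the poster's code. Client-IP selection behind a trusted proxy,
// plus a country lookup that mirrors the poster's SQL range query.
// TRUSTED_PROXIES, IP_RANGES and the sample requests are constructed for illustration.

// Only list proxies you operate (or your host's load balancer). X-Forwarded-For
// from any other peer is attacker-controlled and is ignored below.
const TRUSTED_PROXIES = ['10.0.0.5'];

// Stand-in for the poster's `csv` table: [IP_FROM, IP_TO, country_code2, country_name].
// ip2long() does here what MySQL's inet_aton() did inside the query (IPv4 only, 64-bit PHP).
const IP_RANGES = [
    ['2.0.0.0',   '2.15.255.255', 'FR', 'France'],
    ['81.2.69.0', '81.2.69.255',  'GB', 'United Kingdom'],
    ['8.8.8.0',   '8.8.8.255',    'US', 'United States'],
];

function is_ipv4(string $ip): bool
{
    return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false;
}

// Address to geolocate. $server is $_SERVER, passed in so the function can be run on
// constructed arrays. REMOTE_ADDR is the TCP peer and cannot be forged by the client;
// X-Forwarded-For is honoured only when that peer is a trusted proxy, and then the
// rightmost hop that is not itself a trusted proxy is taken, because every hop to the
// left of it was written by the client.
function client_ip(array $server, array $trusted = TRUSTED_PROXIES): ?string
{
    $peer = $server['REMOTE_ADDR'] ?? '';
    if (!is_ipv4($peer)) {
        return null;
    }
    if (!in_array($peer, $trusted, true)) {
        return $peer; // direct connection: nothing else to trust
    }
    $hops = array_map('trim', explode(',', $server['HTTP_X_FORWARDED_FOR'] ?? ''));
    for ($i = count($hops) - 1; $i >= 0; $i--) {
        if (in_array($hops[$i], $trusted, true)) {
            continue;
        }
        // A malformed hop means the header was tampered with: fall back to the peer.
        return is_ipv4($hops[$i]) ? $hops[$i] : $peer;
    }
    return $peer;
}

// Same predicate as the poster's query:
//   WHERE IP_FROM <= inet_aton(ip) AND IP_TO >= inet_aton(ip)
function lookup_country(string $ip, array $ranges = IP_RANGES): ?array
{
    if (!is_ipv4($ip)) {
        return null;
    }
    $n = ip2long($ip);
    foreach ($ranges as [$from, $to, $code, $name]) {
        if (ip2long($from) <= $n && $n <= ip2long($to)) {
            return ['country_code2' => $code, 'country_name' => $name];
        }
    }
    return null;
}

// Where to send the visitor. An address that cannot be resolved is treated like a
// blocked country, so a request the lookup does not recognise cannot slip through.
function target_page(array $server, array $blocked, string $blocked_page): ?string
{
    $ip = client_ip($server);
    $country = $ip === null ? null : lookup_country($ip);
    if ($country === null || in_array($country['country_code2'], $blocked, true)) {
        return $blocked_page;
    }
    return null; // serve the normal page
}

// Constructed requests: direct, via the trusted proxy (with the proxy chain appended),
// a forged header from a non-proxy peer, and a tampered header behind the proxy.
$requests = [
    ['REMOTE_ADDR' => '2.0.0.1'],
    ['REMOTE_ADDR' => '10.0.0.5', 'HTTP_X_FORWARDED_FOR' => '81.2.69.10, 10.0.0.5'],
    ['REMOTE_ADDR' => '8.8.8.8',  'HTTP_X_FORWARDED_FOR' => '81.2.69.10'],
    ['REMOTE_ADDR' => '10.0.0.5', 'HTTP_X_FORWARDED_FOR' => "81.2.69.10' OR 1=1"],
];
foreach ($requests as $s) {
    $ip = client_ip($s);
    $c  = $ip === null ? null : lookup_country($ip);
    printf("peer=%-9s xff=%-22s -> client=%-10s %-7s -> %s\n",
        $s['REMOTE_ADDR'], $s['HTTP_X_FORWARDED_FOR'] ?? '-', $ip ?? 'none',
        $c['country_code2'] ?? 'unknown', target_page($s, ['GB'], '/blocked.html') ?? 'normal page');
}
```

Run it with `php` on the command line; the third request shows a forged X-Forwarded-For being ignored because the peer is not a listed proxy, and the fourth shows a tampered hop falling back to the proxy's own address rather than reaching the lookup. In the real script the value returned by `client_ip()` is what you bind into the prepared statement; REMOTE_ADDR itself is set by the web server from the TCP connection and cannot carry attacker-supplied SQL, but every HTTP header can, which is why the proxy header is validated with `filter_var()` before use. Like `inet_aton`, this handles IPv4 only.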