Hello, I need to get the user ip and insert it in database but I don't have a clue how to do it Here is the script: class Page { static function Build() { if(User::$isLoggedin == TRUE) { redirect('ucp'); return; } $data = array ( 'message' => 'Please register using your desired information', 'username' => '', 'password' => '', 'confirm' => '', 'email' => '', 'title' => '', 'url' => 'http://', 'category' => '1', 'banner' => 'http://', 'description' => '' ); $data['message'] = 'Please register using your desired information'; if(isset($_POST['register'])) { $error = FALSE; $query = 'INSERT INTO top_topsites SET '; $i = 0; foreach($_POST as $k => $v) { $v = DB::safe($v); $data[$k] = $v; if($error == FALSE) { if((is_numeric($v) && $v == 0) || empty($v)) { if($k != 'banner') { $data['message'] = self::msg('The ' . ucfirst($k) . ' field cannot be empty'); $error = TRUE; } } if($k == 'confirm') { if($data['password'] == $v) { $v = md5($data['username'] . $v); } else { $data['message'] = self::msg('The passwords must match!'); $error = TRUE; } } if($k == 'title') { if(strlen($v) > 40) { $data['message'] = self::msg('The site\'s title cannot be over 40 characters long'); $error = TRUE; } function wordsExist(&$v, $words) { foreach($words as &$word) { if(strpos($v, $word) !== false) { return true; } } return false; } if (wordsExist($v, array('</script>','<script'))) { $data['message'] = self::msg('Why are you trying to insert JavaScript code? Are you a hacker?'); $error = TRUE; } } if($k == 'description') { if(strlen($v) > 300) { $data['message'] = self::msg('The site\'s description cannot be over 300 characters long'); $error = TRUE; } if (wordsExist($v, array('</script>','<script'))) { $data['message'] = self::msg('Why are you trying to insert JavaScript code? Are you a hacker?'); $error = TRUE; } } $i++; if($k != 'password' && $k != 'register') { if($k == 'confirm') $k = 'password'; $query .= $k . ' = \'' . strip_tags($v) . '\''; $query .= ($i != count($_POST) - 1) ? ', ' : ', details = \' \' '; } } } if($error != TRUE) { $ip = (getenv('HTTP_X_FORWARDED_FOR')) ? getenv('HTTP_X_FORWARDED_FOR') : getenv('REMOTE_ADDR'); DB::query("SELECT id FROM top_topsites WHERE ip = '$ip'"); if(DB::num_rows() < Config::item('max_reg_ips')) { DB::query("SELECT id FROM top_topsites WHERE url = '".$data['url']."' LIMIT 1"); if(DB::num_rows() == 0) { DB::query("SELECT id FROM top_topsites WHERE username = '".$data['username']."' LIMIT 1"); if(DB::num_rows() == 0) { DB::query($query); User::login($data['username'], $data['password']); redirect('ucp'); } else $data['message'] = self::msg('Username `'.$data['username'].'` is taken'); } else $data['message'] = self::msg('URL `'.$data['url'].'` is taken'); } else $data['message'] = self::msg('Only up to ' . Config::item('max_reg_ips') . ' sites are allowed per IP'); } } Load::view('register', $data); } static function categories() { DB::select('top_categories'); return (DB::num_rows() > 0) ? DB::fetch_array() : array(); } static function msg($message = '', $color = '#ADFF2F') { return '<b style=\'color:' . $color . ';\'>' . $message . '</b>'; } } PHP:
Hello, to get a users IP address you use the code: This code will store the users ip into a string called "$userip" $userip = $_SERVER['SERVER_ADDR']; Code (markup): Next you would use the DB query: INSERT INTO example (ip) VALUES($userip') Code (markup): Its that easy hope this helps
I know that, what I don't know is how to use that code in the above script. I tried to put before $query .= $k . ' = \'' . strip_tags($v) . '\''; PHP: this $userip = $_SERVER['SERVER_ADDR']; DB::query("INSERT INTO top_topsites (ip) VALUES ('$userip')"); PHP: But when I use that code the ip is inserted into db but the other fields are blank and it's added 10 more blank rows.
$query .= ($i != count($_POST) - 1) ? ', ' : ', details = \' \' '; PHP: to $userip = $_SERVER['SERVER_ADDR']; $query .= ($i != count($_POST) - 1) ? ', ' : ', details = \' \', "'.$userip.'" '; PHP: I'm assuming it has something to do with that line, but try that.
I'm getting this error Error Message: MySQL query #3 failed. MySQL reported: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '"127.0.0.1"' at line 1 Code (markup):
$userip = $_SERVER['SERVER_ADDR']; $query .= ($i != count($_POST) - 1) ? ', ' : ', details = \' \', '.$userip.' '; PHP:
Error Message: MySQL query #3 failed. MySQL reported: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '127.0.0.1' at line 1 Code (markup):
What one are you using, I posted a version and then I updated it. You was pretty quick, so not sure what version you got
Both of them. I tried with duble quotes, simple quotes, no quotes and nothing. $userip = $_SERVER['SERVER_ADDR']; $query .= ($i != count($_POST) - 1) ? ', ' : ', details = \' \', '.$userip.' '; PHP:
How very odd, you see....because it's looping through the results, it knows where to insert everything and where. Is the "IP" row at the end of the table in phpmyadmin?
Right, then what I'd do is....after the $query (disregard anything I've suggested up to this point) do: DB::query("UPDATE top_topsites SET ip = '".$_SERVER['REMOTE_ADDR']."' WHERE id = ".mysql_insert_id()); PHP: So the whole thing becomes: $query .= $k . ' = \'' . strip_tags($v) . '\''; $query .= ($i != count($_POST) - 1) ? ', ' : ', details = \' \' '; DB::query("UPDATE top_topsites SET ip = '".$_SERVER['REMOTE_ADDR']."' WHERE id = ".mysql_insert_id()); PHP:
I thought you said it wasn't inserting at all? Are you sure "ip" is lowercase? And are you sure it's top_topsites that it's being inserted to?
I've got a solutin. Is there a problem if I add in the registration form <input type="hidden" name="ip" value="<?php echo base64_encode($_SERVER['SERVER_ADDR']); ?>"> PHP: and add in the script if($k == 'ip') { { $v = base64_decode($v); } } PHP: ? If I use this it works like a charm but I don't know if it's safe.
Ah, much better idea. All you're doing is sending an IP through a form, and you're encoding it. Should be fine. There are functions to ensure the value you're sending is an IP if that's what you're looking for, do a quick Google search