SitePoint Sponsor

User Tag List

Results 1 to 3 of 3
  1. #1
    SitePoint Guru
    Join Date
    Nov 2004
    Location
    calif
    Posts
    733
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Capturing IP address & blocking IP address

    I'm using a php script for my web site which has registration, log-in, etc.
    When I asked how I might be able to capture the registrants IP address upon registration, I was given this code and this advice:
    Code:
    $userip = $_SERVER[REMOTE_ADDR];
    mysql_real_escape_string($userip);
    "Remember when you store these values in the database to use these two functions INET_ATON() and INET_NTOA(). One is for inserting the IP and one is for extracting it."

    I don't know what INET_ATON() and INET_NTOA() are, but my goal is to be able to have a users IP address just in case he spams my site, then he can be blocked, based on the thinking that typically one user has one computer.

    Can someone tell me how I can block an Ip address?
    Any thoughts/replies/suggestions will be welcome. Thanks

  2. #2
    PHP Guru lampcms.com's Avatar
    Join Date
    Jan 2009
    Posts
    921
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You don't have to use these functions at all. You can just insert the actual ip address into the database.

    These functions will just confuse you because they will convert a 'normal looking' ip address into a numerical value. What are the benefits to doing that?

    I am not sure, but I think these may also be specific to mysql and not a standard SQL functions, so if you ever decide to switch to a different database you may have to not only change your code, but to also convert all your stored ip addresses back to their normal format.

    If it makes you feel more secure, you can still use mysql_real_escape_string() before inserting the ip address.

  3. #3
    . shoooo... silver trophy logic_earth's Avatar
    Join Date
    Oct 2005
    Location
    CA
    Posts
    9,013
    Mentioned
    8 Post(s)
    Tagged
    0 Thread(s)
    Blocking a user via IP address is not very effective, honestly. IP addresses don't uniquely identify users, they are shared. Not only that but dial-up users almost always get a new IP every time the get online. There is also proxies and NAT that might combine a dozen users under a single IP.
    Logic without the fatal effects.
    All code snippets are licensed under WTFPL.



Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •