Obtaining Server IP from form post

hokie5449 · November 29, 2010, 7:40pm

I have a website that a user fills out there login information which we then post to another website outside of our system. The website where the information is being posted is doing an IP check. They are trying to check for our server IPs instead of the users IPs. Since the POST is coming from the user, there is no way to get the server IP (that I know of…right?). As a work around for this, I’m trying to initially post to another script on our server which will then repost the information using PHP. This way the IP will be from our server instead of the user.

I’ve tried using curl, and while that allows me to pull the content of the webpage, it does not redirect the user to the page after the login. I’ve also tried using header() but I’m pretty sure that solution will not work either. So does anyone know how I can send post information to a website on my server using php and have it send the user to the resulting page?

I’ve tried something like below however, it only redirects me to the new page with no post data:


$x = curl_init("http://externalsite.com");
curl_setopt($x, CURLOPT_POST, 1);
curl_setopt($x, CURLOPT_POSTFIELDS, $data);
curl_setopt($x, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($x, CURLOPT_REFERER, "site");
curl_setopt($x, CURLOPT_RETURNTRANSFER, 1);
 
$content = curl_exec($x);
curl_close($x);

header("Location: http://externalsite.com");
exit;

Mittineague · November 30, 2010, 12:30am

Would $_SERVER[“SERVER_ADDR”] do what you need?

hokie5449 · November 30, 2010, 2:41pm

Unfortunately not. $_SERVER will give me the information for the server which that command is run on. I’m looking for the IP of the server that the form is hosted on.

Blue1 · November 30, 2010, 5:06pm

Why is it that you need to post to the external website and THEN redirect the user? It smells like something fishy to be honest, I wouldn’t like to help out doing something naughty without knowing why you do things the way you do. There’s always alternative approach.

Mounty · November 30, 2010, 8:42pm

Rather than posting the user to the 3rd party website after logging in, could your website scrape the 3rd party content and redisplay to the user? That way your server ip would be verified rather than the user ip. Though if the 3rd party server needs to set any session data then the user probably wouldn’t be able to progress any further.

Alternately, could your website send a query to the 3rd party website for a temporary token, which you could then add to the post url as a referrer, or add to the users cookie, allowing the 3rd party site to verify them? I’m thinking sites like Paypal must do something similar for 3rd party transfers to function properly through their system.

hokie5449 · December 1, 2010, 4:27am

Nope, I’m not trying to do anything fishy or illegal here. This is basically for a ‘single sign on’ where there are two logins that were trying to make into one (without going into too much detail). I dont necessarily need to post THEN redirect the user. But somehow I have to send post data along with the redirect in order to log the user in.

Basically what I need is a javascript form submission but done in PHP so the requesting IP is my server and not the client IP.

Topic		Replies	Views
Getting IP address through AJAX? JavaScript	10	19582	October 8, 2014
Curl and PHP: Client IP address gets changed PHP	8	19839	March 14, 2011
Getting user IP adress PHP	3	618	July 28, 2017
Best way to get IP address? PHP	3	2456	October 8, 2014
How to get the domain name of where a curl post came from PHP	27	11799	December 19, 2020

Obtaining Server IP from form post

Related topics