[英]Adding IP address to my form
I have this php code.我有这个 php 代码。
<?php
if (isset($_POST['name'], $_POST['post'])) {
$cast = $_POST['cast'];
$name = $_POST['name'];
$email = $_POST['email'];
$post = nl2br ($_POST['post']);
$ipaddress = $_POST['ipaddress'];
if (empty($name) or empty($post)) {
$error = 'All Fields Are Required!';
}else{
$query = $pdo->prepare('INSERT INTO comments (cast, name, email, post, ipaddress) VALUES(?, ?, ?, ?, ?)');
$query->bindValue(1, $cast);
$query->bindValue(2, $name);
$query->bindValue(3, $email);
$query->bindValue(4, $post);
$query->bindValue(5, $ipaddress);
$query->execute();
?>
And this form.还有这个表格。
<?php if (isset($error)) { ?>
<small style="color:#aa0000;"><?php echo $error; ?></small><br /><br />
<?php } ?>
<form action="episode.php?id=<?php echo $data['cast_id']; ?>" method="post" autocomplete="off" enctype="multipart/form-data">
<input type="text" name="name" placeholder="Name" /> / <input type="text" name="email" placeholder="Email" /><small style="color:#aa0000;">*</small><br /><br />
<textarea rows="10" cols="50" name="post" placeholder="Comment"></textarea><br /><br />
<input type="submit" value="Add Comment" />
<br /><br />
<small style="color:#aa0000;">* <b>Email will not be displayed publicly</b></small><br />
</form>
As you can see I have set up an IP address to be saved with this form in my database.如您所见,我已经设置了一个 IP 地址,与此表单一起保存在我的数据库中。
How can I add the IP address in the form?如何在表格中添加 IP 地址? But I do not want this to be displayed to my users.
但我不希望将其显示给我的用户。
Is this possible?这可能吗?
Thank you.谢谢你。
1). 1)。 You donot need to add
<?php echo $_SERVER['REMOTE_ADDR']; ?>
你不需要添加
<?php echo $_SERVER['REMOTE_ADDR']; ?>
<?php echo $_SERVER['REMOTE_ADDR']; ?>
to the form. <?php echo $_SERVER['REMOTE_ADDR']; ?>
到表格。 If case it's easy to forge it (actually it's easy any case). 如果是这样的话很容易伪造它(实际上它很容易)。 Better add IP to data on server side.
更好地为服务器端的数据添加IP。
2) You can also look to $_SERVER['HTTP_X_FORWARDED_FOR']
. 2)您还可以查看
$_SERVER['HTTP_X_FORWARDED_FOR']
。 If the user have a proxy address, some of them (transparent proxies) place real user's IP there. 如果用户具有代理地址,则其中一些(透明代理)将真实用户的IP放在那里。
$_SERVER['REMOTE_ADDR']
may not always contain the right address $_SERVER['REMOTE_ADDR']
可能并不总是包含正确的地址
3) Please note: The Data about IP's isn't trustworthy at all. 3)请注意:关于IP的数据根本不值得信赖。
perhaps you would replace: 也许你会替换:
$ipaddress = $_POST['ipaddress'];
$ ipaddress = $ _POST ['ipaddress'];
by 通过
$ipaddress = $_SERVER['REMOTE_ADDR'];
$ ipaddress = $ _SERVER ['REMOTE_ADDR'];
你不需要从你可以通过php的全局变量得到ip的表单中获取ip地址
$ipaddress = $_SERVER['REMOTE_ADDR'];
If you add ipaddress to your form then the user could change it as they wish (even if its a hidden element). 如果您将ipaddress添加到表单中,则用户可以根据需要更改它(即使它是隐藏元素)。 You would be better getting the ip address from the request header...
你最好从请求标题中获取ip地址......
$ipaddress = $_SERVER['REMOTE_ADDR']
当前的Ip-address可以这样设置:
$ipaddress = $_SERVER['REMOTE_ADDR'];
Why do you wan't to print it anyway? 你为什么不打印呢? You want to save sender ip?
你想保存发件人IP? Simply use:
只需使用:
$ipaddress = $_SERVER['REMOTE_ADDR'];
You can use the below code to get the IP Address .您可以使用以下代码获取IP 地址。
$ipaddress = $_SERVER['REMOTE_ADDR'];
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.