[英]capturing user's ip address in php contact form
我正在嘗試從php聯系表單獲取用戶IP地址,我有以下代碼,但我想知道以這種方式使用clean_string向我自己發送IP地址是有效的嗎?
<?php
session_start();
if(isset($_POST['fullname'])) {
include 'freecontact2formsettings.php';
function died($error) {
echo "Sorry, but there were error(s) found with the form you submitted. ";
echo "These errors appear below.<br /><br />";
echo $error."<br /><br />";
echo "Please go back and fix these errors.<br /><br />";
die();
}
if(!isset($_POST['fullname']) ||
!isset($_POST['Address1']) ||
!isset($_POST['city']) ||
!isset($_POST['Postcode']) ||
!isset($_POST['contactnum']) ||
!isset($_POST['emailaddress'])
) {
died('Sorry, there appears to be a problem with your form submission.');
}
$ip = $_SERVER['HTTP_CLIENT_IP'];
$ansb0_from = $_POST['fullname']; // required
$ansb1_from = $_POST['Address1']; // required
$ansb3_from = $_POST['city']; // required
$ansb4_from = $_POST['Postcode']; // required
$ansb5_from = $_POST['contactnum']; // required
$ansb6_from = $_POST['emailaddress']; // required
$error_message = "";
$email_message = "PHP CONTACT FORM:\r\n";
function clean_string($string) {
$bad = array("content-type","bcc:","to:","cc:");
return str_replace($bad,"",$string);
}
$email_message .= "Forename: ".clean_string($ansb0_from)."\r\n";
$email_message .= "Address 1: ".clean_string($ansb1_from)."\r\n";
$email_message .= "City: ".clean_string($ansb3_from)."\r\n";
$email_message .= "Postcode: ".clean_string($ansb4_from)."\r\n";
$email_message .= "Contact Number: ".clean_string($ansb5_from)."\r\n";
$email_message .= "Email Address: ".clean_string($ansb6_from)."\r\n";
$email_message .="IP Address: ".clean_string($ip)."\n\n";
$headers = 'From: '.$email_from."\r\n".
'Reply-To: '.$email_from."\r\n" .
'X-Mailer: PHP/' . phpversion();
mail($email_to, $email_subject, $email_message, $headers);
header("Location: $thankyou");
?>
<script>location.replace('<?php echo $thankyou;?>')</script>
<?php
}
die();
?>
也,
$ip = $_SERVER['HTTP_CLIENT_IP'];
在聯系表單腳本頁面上,而不是用戶輸入信息的實際form.php,我認為那是我出錯的地方嗎?
您不希望表單中包含IP。 這樣它就可以顯示,編輯和搞亂。 相反,只需使用以下方法捕獲服務器端:
$_SERVER['REMOTE_ADDR'];
谷歌搜索這個問題應該返回5億個有效的結果。 只是一個快速提醒。
您要檢查$_SERVER["REMOTE_ADDR"]
和$_SERVER["HTTP_X_FORWARDED_FOR"]
,因為如果用戶位於代理服務器后面,則可能需要后者。
您可以在這里閱讀更多內容: https : //stackoverflow.com/a/3003233/666468
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.