473,385 Members | 1,898 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > php > questions > php, mysql and ip-addresses

Join Bytes to post your question to a community of 473,385 software developers and data experts.

PHP, MySQL and IP-addresses

I use this code to store the IP addresse:

<?php
$IP = $_SERVER['REMOTE_ADDR'];
$query = "update mytable set ipaddr=inet_aton('$IP') where <some code>";
mysql_query ($query);
?>

When I do a 'select inet_ntoa(ipaddr) from mytable' most of the ip-addesses
shows up correctly, but one showed up as "127.255.255.255", which is
meaningless. Comparing to the log, the IP-address was 195.x.x.x

Is the $_SERVER['REMOTE_ADDR'] safe to use? Can it be something else that
the actual source of the http request to my server?

--
Jørn Dahl-Stamnes
http://www.dahl-stamnes.net/dahls/
Mar 11 '06 #1
3 9083
On Sat, 11 Mar 2006 09:03:03 +0100, Jørn Dahl-Stamnes wrote:
I use this code to store the IP addresse:

<?php
$IP = $_SERVER['REMOTE_ADDR'];
$query = "update mytable set ipaddr=inet_aton('$IP') where <some code>";
mysql_query ($query);
?>

When I do a 'select inet_ntoa(ipaddr) from mytable' most of the
ip-addesses shows up correctly, but one showed up as "127.255.255.255",
which is meaningless. Comparing to the log, the IP-address was 195.x.x.x

Is the $_SERVER['REMOTE_ADDR'] safe to use? Can it be something else that
the actual source of the http request to my server?


$_SERVER['REMOTE_ADDR'] can be the address of a proxy (maybe in this case
an bad anonymising one). I always check if
$_SERVER["HTTP_X_FORWARDED_FOR"] is set first (most proxies set this
header to the be the originating IP address).

Cheers,
Andy

--
Andy Jeffries MBCS CITP ZCE | gPHPEdit Lead Developer
http://www.gphpedit.org | PHP editor for Gnome 2
http://www.andyjeffries.co.uk | Personal site and photos

Mar 11 '06 #2
Andy Jeffries wrote:
On Sat, 11 Mar 2006 09:03:03 +0100, Jørn Dahl-Stamnes wrote:
I use this code to store the IP addresse:

<?php
$IP = $_SERVER['REMOTE_ADDR'];
$query = "update mytable set ipaddr=inet_aton('$IP') where <some
code>"; mysql_query ($query);
?>

When I do a 'select inet_ntoa(ipaddr) from mytable' most of the
ip-addesses shows up correctly, but one showed up as "127.255.255.255",
which is meaningless. Comparing to the log, the IP-address was 195.x.x.x

Is the $_SERVER['REMOTE_ADDR'] safe to use? Can it be something else that
the actual source of the http request to my server?


$_SERVER['REMOTE_ADDR'] can be the address of a proxy (maybe in this case
an bad anonymising one). I always check if
$_SERVER["HTTP_X_FORWARDED_FOR"] is set first (most proxies set this
header to the be the originating IP address).


I found out that it was my own test-server that genereated the
127.255.255.255 adress. But the funny thing is that if I in the php-file
added a 'echo "IP-addr.:" . $_SERVER['REMOTE_ADDR'];' it showed the correct
IP-adresse. But if I called a function from the same php file, which
updated the SQL database with my IP-address, the address had changed to
127.255.255.255. I can't figure out why.

--
Jørn Dahl-Stamnes
http://www.dahl-stamnes.net/dahls/
Mar 11 '06 #3
Jørn Dahl-Stamnes wrote:
I use this code to store the IP addresse:

<?php
$IP = $_SERVER['REMOTE_ADDR'];
$query = "update mytable set ipaddr=inet_aton('$IP') where <some code>";
mysql_query ($query);
?>

When I do a 'select inet_ntoa(ipaddr) from mytable' most of the
ip-addesses shows up correctly, but one showed up as "127.255.255.255",
which is meaningless. Comparing to the log, the IP-address was 195.x.x.x

Is the $_SERVER['REMOTE_ADDR'] safe to use? Can it be something else that
the actual source of the http request to my server?


I found the error. The ipaddr was of type "int" but should have been "int
unsigned" in order to store ip-addresses from 128.0.0.0 and above. So all
ip-addresses above 127.255.255.255, was stored as 127.255.255.255.

--
Jørn Dahl-Stamnes
http://www.dahl-stamnes.net/dahls/
Mar 12 '06 #4
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

4
Hep req. with PHP and MySQL - simple guestbook
by: Dariusz | last post by:
I am a beginner in PHP and MySQL, and am working through a book and various online tutorials on PHP and MySQL and now stuck - installed everything on "localhost" and it all works fine. My question...
PHP
20
Connect to MySQL
by: Mr Dygi | last post by:
Hi, PHP 4.3.4 installed manually from package *.zip and Apache 2. I have a problem with this simple code: <?php $link = mysql_connect("127.0.0.1","","") or die("Could not connect: " ....
PHP
0
Problem When Mysql runs on a Machine with multiple NIC.
by: P Srinivasulu | last post by:
When Mysql runs on machine with multiple NIC's. Mysql server takes the IP Address that we specify in the configuration file. This IP Address may or may not be a primary IP Address of that machine....
MySQL Database
2
Error when Telnet to MySQL on Windows 2000?
by: Bruce W...1 | last post by:
I've got MySQL running as a service on my Windows 2000 box. And I can work with it using a command window (DOS box). I used the default install of MySQL and here's what status says: mysql>...
MySQL Database
0
How to access Mysql server (LINUX) from mysql control center (WINDOWS)
by: Sonu K Mehrotra | last post by:
mysql server is <172.16.27.39> running on Linux 9.1 I have installed mysql control center (client GUI) on 172.16.27.252 running on Windows 2000 advanced server The machines are connected in...
MySQL Database
4
Error 1130 when accessing MySQL from another IP??
by: Spare Brain | last post by:
Hi, I am trying to run the MySQL DB on a Linux machine that is part of a home LAN (IP=192.168.0.3), while trying to access it from another WinXP machine (IP=192.168.0.5). I keep getting the...
MySQL Database
4
MySql Data Read Problem?
by: Dakkar | last post by:
I write a program for connecting to mysql database and read the values that i want from the database so i wrote my code like this RegistryKey uo =...
C# / C Sharp
2
Connect to remote MySQL server
by: Martin | last post by:
Hi all. I have a fully functional page hosted on my PC that uses PHP and connects to MySQL on my PC to generate it's code. I now have some web hosting available which includes both PHP and...
PHP
1
mysql Install Problems
by: PowerLifter1450 | last post by:
I've been having a very rough time installinig mySQL on Linux. I have been following the instructions form here: http://www.hostlibrary.com/installing_apache_mysql_php_on_linux Everytime I get to...
MySQL Database
2
PHP & MYSQL ip address check
by: Boujii | last post by:
<html> <head> <title>Add New MySQL User</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> </head> <body> <? if(isset($_POST)) {
PHP
1
Cloud Servers without Credit Card and Email Registration: A Simpler Way to Get on the Cloud
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
General
0
Wordpress or something else?
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
Content Management Systems
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Basic Javascript concepts
by: aa123db | last post by:
Variable and constants Use var or let for variables and const fror constants. Var foo ='bar'; Let foo ='bar';const baz ='bar'; Functions function $name$ ($parameters$) { } ...
Javascript
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
0
Merging data from multiple Excel files
by: ryjfgjl | last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
Data Management
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!