473,407 Members | 2,315 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > php > questions > php, mysql and ip-addresses

Join Bytes to post your question to a community of 473,407 software developers and data experts.

PHP, MySQL and IP-addresses

I use this code to store the IP addresse:

<?php
$IP = $_SERVER['REMOTE_ADDR'];
$query = "update mytable set ipaddr=inet_aton('$IP') where <some code>";
mysql_query ($query);
?>

When I do a 'select inet_ntoa(ipaddr) from mytable' most of the ip-addesses
shows up correctly, but one showed up as "127.255.255.255", which is
meaningless. Comparing to the log, the IP-address was 195.x.x.x

Is the $_SERVER['REMOTE_ADDR'] safe to use? Can it be something else that
the actual source of the http request to my server?

--
Jørn Dahl-Stamnes
http://www.dahl-stamnes.net/dahls/
Mar 11 '06 #1
3 9087
On Sat, 11 Mar 2006 09:03:03 +0100, Jørn Dahl-Stamnes wrote:
I use this code to store the IP addresse:

<?php
$IP = $_SERVER['REMOTE_ADDR'];
$query = "update mytable set ipaddr=inet_aton('$IP') where <some code>";
mysql_query ($query);
?>

When I do a 'select inet_ntoa(ipaddr) from mytable' most of the
ip-addesses shows up correctly, but one showed up as "127.255.255.255",
which is meaningless. Comparing to the log, the IP-address was 195.x.x.x

Is the $_SERVER['REMOTE_ADDR'] safe to use? Can it be something else that
the actual source of the http request to my server?


$_SERVER['REMOTE_ADDR'] can be the address of a proxy (maybe in this case
an bad anonymising one). I always check if
$_SERVER["HTTP_X_FORWARDED_FOR"] is set first (most proxies set this
header to the be the originating IP address).

Cheers,
Andy

--
Andy Jeffries MBCS CITP ZCE | gPHPEdit Lead Developer
http://www.gphpedit.org | PHP editor for Gnome 2
http://www.andyjeffries.co.uk | Personal site and photos

Mar 11 '06 #2
Andy Jeffries wrote:
On Sat, 11 Mar 2006 09:03:03 +0100, Jørn Dahl-Stamnes wrote:
I use this code to store the IP addresse:

<?php
$IP = $_SERVER['REMOTE_ADDR'];
$query = "update mytable set ipaddr=inet_aton('$IP') where <some
code>"; mysql_query ($query);
?>

When I do a 'select inet_ntoa(ipaddr) from mytable' most of the
ip-addesses shows up correctly, but one showed up as "127.255.255.255",
which is meaningless. Comparing to the log, the IP-address was 195.x.x.x

Is the $_SERVER['REMOTE_ADDR'] safe to use? Can it be something else that
the actual source of the http request to my server?


$_SERVER['REMOTE_ADDR'] can be the address of a proxy (maybe in this case
an bad anonymising one). I always check if
$_SERVER["HTTP_X_FORWARDED_FOR"] is set first (most proxies set this
header to the be the originating IP address).


I found out that it was my own test-server that genereated the
127.255.255.255 adress. But the funny thing is that if I in the php-file
added a 'echo "IP-addr.:" . $_SERVER['REMOTE_ADDR'];' it showed the correct
IP-adresse. But if I called a function from the same php file, which
updated the SQL database with my IP-address, the address had changed to
127.255.255.255. I can't figure out why.

--
Jørn Dahl-Stamnes
http://www.dahl-stamnes.net/dahls/
Mar 11 '06 #3
Jørn Dahl-Stamnes wrote:
I use this code to store the IP addresse:

<?php
$IP = $_SERVER['REMOTE_ADDR'];
$query = "update mytable set ipaddr=inet_aton('$IP') where <some code>";
mysql_query ($query);
?>

When I do a 'select inet_ntoa(ipaddr) from mytable' most of the
ip-addesses shows up correctly, but one showed up as "127.255.255.255",
which is meaningless. Comparing to the log, the IP-address was 195.x.x.x

Is the $_SERVER['REMOTE_ADDR'] safe to use? Can it be something else that
the actual source of the http request to my server?


I found the error. The ipaddr was of type "int" but should have been "int
unsigned" in order to store ip-addresses from 128.0.0.0 and above. So all
ip-addresses above 127.255.255.255, was stored as 127.255.255.255.

--
Jørn Dahl-Stamnes
http://www.dahl-stamnes.net/dahls/
Mar 12 '06 #4
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

4
Hep req. with PHP and MySQL - simple guestbook
by: Dariusz | last post by:
I am a beginner in PHP and MySQL, and am working through a book and various online tutorials on PHP and MySQL and now stuck - installed everything on "localhost" and it all works fine. My question...
PHP
20
Connect to MySQL
by: Mr Dygi | last post by:
Hi, PHP 4.3.4 installed manually from package *.zip and Apache 2. I have a problem with this simple code: <?php $link = mysql_connect("127.0.0.1","","") or die("Could not connect: " ....
PHP
0
Problem When Mysql runs on a Machine with multiple NIC.
by: P Srinivasulu | last post by:
When Mysql runs on machine with multiple NIC's. Mysql server takes the IP Address that we specify in the configuration file. This IP Address may or may not be a primary IP Address of that machine....
MySQL Database
2
Error when Telnet to MySQL on Windows 2000?
by: Bruce W...1 | last post by:
I've got MySQL running as a service on my Windows 2000 box. And I can work with it using a command window (DOS box). I used the default install of MySQL and here's what status says: mysql>...
MySQL Database
0
How to access Mysql server (LINUX) from mysql control center (WINDOWS)
by: Sonu K Mehrotra | last post by:
mysql server is <172.16.27.39> running on Linux 9.1 I have installed mysql control center (client GUI) on 172.16.27.252 running on Windows 2000 advanced server The machines are connected in...
MySQL Database
4
Error 1130 when accessing MySQL from another IP??
by: Spare Brain | last post by:
Hi, I am trying to run the MySQL DB on a Linux machine that is part of a home LAN (IP=192.168.0.3), while trying to access it from another WinXP machine (IP=192.168.0.5). I keep getting the...
MySQL Database
4
MySql Data Read Problem?
by: Dakkar | last post by:
I write a program for connecting to mysql database and read the values that i want from the database so i wrote my code like this RegistryKey uo =...
C# / C Sharp
2
Connect to remote MySQL server
by: Martin | last post by:
Hi all. I have a fully functional page hosted on my PC that uses PHP and connects to MySQL on my PC to generate it's code. I now have some web hosting available which includes both PHP and...
PHP
1
mysql Install Problems
by: PowerLifter1450 | last post by:
I've been having a very rough time installinig mySQL on Linux. I have been following the instructions form here: http://www.hostlibrary.com/installing_apache_mysql_php_on_linux Everytime I get to...
MySQL Database
2
PHP & MYSQL ip address check
by: Boujii | last post by:
<html> <head> <title>Add New MySQL User</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> </head> <body> <? if(isset($_POST)) {
PHP
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice
0
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new...
Microsoft Access / VBA

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!