您的位置: 首页  >  技术问答  >  创建帐户时需要帮助记录用户的IP

创建帐户时需要帮助记录用户的IP

分类: 技术问答 2025-09-19 17:41:22
问题描述:

我很新的编码PHP(非常新) ,我为我的网站创建了一个登录/注册系统我目前有一个工作系统,输入他们的“id int (11)“用户名,电子邮件和密码。我现在想添加一个IP列,在创建帐户时记录他们的IP。
创建帐户时需要帮助记录用户的IP

我的问题很明显是我如何才能增加我的代码的方式来输入的用户的IP(只是对我来说,测试的东西和学到的东西网站)地址一旦他们创建一个帐户在我的网站... 。

我对server.php当前的代码

<?php 
session_start(); 

// variable declaration 
$username = ""; 
$email = ""; 
$errors = array(); 
$_SESSION['success'] = ""; 

// connect to database 
$db = mysqli_connect('localhost','user','password','db') 
or die('Error connecting to MySQL server.'); 

// REGISTER USER 
if (isset($_POST['reg_user'])) { 
    // receive all input values from the form 
    $username = mysqli_real_escape_string($db, $_POST['username']); 
    $email = mysqli_real_escape_string($db, $_POST['email']); 
    $password_1 = mysqli_real_escape_string($db, $_POST['password_1']); 
    $password_2 = mysqli_real_escape_string($db, $_POST['password_2']); 

    // form validation: ensure that the form is correctly filled 
    if (empty($username)) { array_push($errors, "Username is required"); } 
    if (empty($email)) { array_push($errors, "Email is required"); } 
    if (empty($password_1)) { array_push($errors, "Password is required"); } 

    if ($password_1 != $password_2) { 
     array_push($errors, "The two passwords do not match"); 
    } 

    // register user if there are no errors in the form 
    if (count($errors) == 0) { 
     $password = md5($password_1);//encrypt the password before saving in the database 
     $query = "INSERT INTO users (username, email, password) 
        VALUES('$username', '$email', '$password')"; 
     mysqli_query($db, $query); 
     $_SESSION['username'] = $username; 
     $_SESSION['success'] = "You are now logged in"; 
     header('location: index.php'); 

     mysql_error(); 
    } 

} 

// ... 

// LOGIN USER 
if (isset($_POST['login_user'])) { 
    $username = mysqli_real_escape_string($db, $_POST['username']); 
    $password = mysqli_real_escape_string($db, $_POST['password']); 

    if (empty($username)) { 
     array_push($errors, "Username is required"); 
    } 
    if (empty($password)) { 
     array_push($errors, "Password is required"); 
    } 

    if (count($errors) == 0) { 
     $password = md5($password); 
     $query = "SELECT * FROM users WHERE username='$username' AND password='$password'"; 
     $results = mysqli_query($db, $query); 

     if (mysqli_num_rows($results) == 1) { 
      $_SESSION['username'] = $username; 
      $_SESSION['success'] = "You are now logged in"; 
      header('location: index.php'); 
     }else { 
      array_push($errors, "Wrong username/password combination"); 
     } 
    } 
} 

?>
+0

您还没有提问任何问题 – symcbean

+0

了解如何使用预处理语句。您可以在这里打开SQL注入。 'mysqli_escape_string()'不足以保护你免受所有攻击。 – miken32

+0

@symcbean您可以清楚地看到我说的 “我现在想添加一个IP列,在创建帐户时记录他们的IP。” 我没有来这里告诉你我想做什么...阅读标题 –

获得T中的最简单方法他访客/客户的IP address正在使用$_SERVER['REMOTE_ADDR']$_SERVER['REMOTE_HOST']变量。

但是,有时这不会返回访问者的正确IP地址,所以我们可以使用其他一些服务器变量来获取IP地址。

下面的两个函数仅与从中检索值的方式和区别相同。

getenv()用于获取PHP中环境变量的值。

// Function to get the client IP address 
function get_client_ip() { 
    $ipaddress = ''; 
    if (getenv('HTTP_CLIENT_IP')) 
     $ipaddress = getenv('HTTP_CLIENT_IP'); 
    else if(getenv('HTTP_X_FORWARDED_FOR')) 
     $ipaddress = getenv('HTTP_X_FORWARDED_FOR'); 
    else if(getenv('HTTP_X_FORWARDED')) 
     $ipaddress = getenv('HTTP_X_FORWARDED'); 
    else if(getenv('HTTP_FORWARDED_FOR')) 
     $ipaddress = getenv('HTTP_FORWARDED_FOR'); 
    else if(getenv('HTTP_FORWARDED')) 
     $ipaddress = getenv('HTTP_FORWARDED'); 
    else if(getenv('REMOTE_ADDR')) 
     $ipaddress = getenv('REMOTE_ADDR'); 
    else 
     $ipaddress = 'UNKNOWN'; 
    return $ipaddress; 
}

$ _SERVER是一个包含由Web服务器创建的服务器变量的数组。

// Function to get the client IP address 
function get_client_ip() { 
    $ipaddress = ''; 
    if (isset($_SERVER['HTTP_CLIENT_IP'])) 
     $ipaddress = $_SERVER['HTTP_CLIENT_IP']; 
    else if(isset($_SERVER['HTTP_X_FORWARDED_FOR'])) 
     $ipaddress = $_SERVER['HTTP_X_FORWARDED_FOR']; 
    else if(isset($_SERVER['HTTP_X_FORWARDED'])) 
     $ipaddress = $_SERVER['HTTP_X_FORWARDED']; 
    else if(isset($_SERVER['HTTP_FORWARDED_FOR'])) 
     $ipaddress = $_SERVER['HTTP_FORWARDED_FOR']; 
    else if(isset($_SERVER['HTTP_FORWARDED'])) 
     $ipaddress = $_SERVER['HTTP_FORWARDED']; 
    else if(isset($_SERVER['REMOTE_ADDR'])) 
     $ipaddress = $_SERVER['REMOTE_ADDR']; 
    else 
     $ipaddress = 'UNKNOWN'; 
    return $ipaddress; 
}
+0

现在我该如何实现这个代码到我的server.php,以便每次有人创建一个帐户时都会记录下来?谢谢你的信息! –

+0

请记住,除了'$ _SERVER ['REMOTE_ADDR']'之外的任何东西都可以很容易地被篡改,如果有恶意意图的人想要冒充别人,并用一个“X-Forwarded-For”可以放任何他们想要的。在相信任何其他标头所说的内容之前,根据已知的受信任代理IP检查远程地址。 – SeinopSys

+0

@WollyLinka您可以简单地使用'$ ipaddress = $ _SERVER ['REMOTE_ADDR'];'然后将$ ipaddress的值保存到MySQL表中。 – Ank

相关推荐