Unique IP

asgsoft · 05-09-2006, 02:35 PM

I have a poll script but the only problem it has is that it will let me add more than one vote, I used a basic ip detection but that didn't work. Is there a way of getting the users real IP?

This is what I have right now:

PHP Code:

  <?php

include 'config.php';

mysql_connect("$host", "$user", "$pass") or die(mysql_error()); 

mysql_select_db("$dbname") or die(mysql_error());

$ip = $_SERVER['REMOTE_ADDR'];

if (trim($ip) == '') {

    $ip = $_SERVER['HTTP_CLIENT_IP'];

}

if (trim($ip) == '') {

    $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];

????: NamePros.com http://www.namepros.com/programming/195647-unique-ip.html
}

 
$query = mysql_query("select * from vote where ip='$ip'");

$countbans = mysql_num_rows($query);

if($countbans > 0) {

include "results.php";

echo("You have Already Voted!");

}else{

 
$action = $_GET['action'];

if(!isset($action) || empty($action) || $action !== "addvote"){

echo("<form name='form1' method='post' action='?action=addvote'>

                    <table width='100%' border='0' cellspacing='2' cellpadding='0'>

                      <tr> 

                        <td colspan='2'><div align='left'>Do you like my site?</div></td>

                      </tr>

                      <tr> 

                        <td width='19%'><input type='radio' name='vote' value='ex'></td>

                        <td width='81%' bgcolor='#F4F4F4'>It's Excellent!</td>

                      </tr>

                      <tr> 

                        <td><input type='radio' name='vote' value='co'></td>

                        <td bgcolor='#F4F4F4'>Pretty Cool</td>

                      </tr>

                      <tr> 

                        <td><input type='radio' name='vote' value='ok'></td>

                        <td bgcolor='#F4F4F4'>OK</td>

                      </tr>

                      <tr> 

                        <td><input type='radio' name='vote' value='ha'></td>

                        <td bgcolor='#F4F4F4'>Hate It!</td>

                      </tr>

                      <tr> 

                        <td></td>

                        <td><input type='submit' name='Submit' value='Vote!'></td>

                      </tr>

                    </table>

????: NamePros.com http://www.namepros.com/showthread.php?t=195647
                  </form>");

}elseif($action == "addvote"){

//show result

echo "<p><h4>Thank you For Voting</h4></p>";

$vote = $_POST['vote'];

include 'config.php';

$ip = $_SERVER['REMOTE_ADDR'];

if (trim($ip) == '') {

$ip = $_SERVER['HTTP_CLIENT_IP'];

}

if (trim($ip) == '') {

$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];

} 

mysql_connect("$host", "$user", "$pass") or die(mysql_error()); 

mysql_select_db("$dbname") or die(mysql_error());

mysql_query("INSERT INTO `vote` (`vote` , `ip` ) VALUES ('$vote', '$ip')");

}

}

?>

MikeBigg · 05-10-2006, 04:19 AM

In what way didn't it work?

I think using IP address detection alone will not work 100%, primarily because of the way AOL uses proxies to route all their internet traffic. An AOL user is not guaranteed to have the same ip address for different images on a page, let alone two page requests.

There is also the issue of 2 people from the same IP address. Companies may well route all their employees through a single router with one IP address. Frequently the forwarded-for and client-ip fields will not be filled in as it is considered a security risk (even though IP addresses and machine names get sent out in email headers from the same organisations).
????: NamePros.com http://www.namepros.com/showthread.php?t=195647

Using cookies as well may help.

I'd be very interested to see what you come up with in the end.

Regards,

Mike

JFS · 05-10-2006, 10:58 AM

Code:

function validip($ip) { 
   if (!empty($ip) && ip2long($ip)!=-1) { 
       $reserved_ips = array ( 
       array('0.0.0.0','2.255.255.255'), 
       array('10.0.0.0','10.255.255.255'), 
       array('127.0.0.0','127.255.255.255'), 
       array('169.254.0.0','169.254.255.255'), 
       array('172.16.0.0','172.31.255.255'), 
       array('192.0.2.0','192.0.2.255'), 
       array('192.168.0.0','192.168.255.255'), 
       array('255.255.255.0','255.255.255.255') 
       ); 

       foreach ($reserved_ips as $r) { 
           $min = ip2long($r[0]); 
           $max = ip2long($r[1]); 
           if ((ip2long($ip) >= $min) && (ip2long($ip) <= $max)) return false; 
       } 
       return true; 
   } else { 
       return false; 
   } 
} 


function getip() { 
   if (validip($_SERVER["HTTP_CLIENT_IP"])) { 
       return $_SERVER["HTTP_CLIENT_IP"]; 
   } 
   foreach (explode(",",$_SERVER["HTTP_X_FORWARDED_FOR"]) as $ip) { 
       if (validip(trim($ip))) { 
           return $ip; 
       } 
   } 
   if (validip($_SERVER["HTTP_X_FORWARDED"])) { 
       return $_SERVER["HTTP_X_FORWARDED"]; 
   } elseif (validip($_SERVER["HTTP_FORWARDED_FOR"])) { 
       return $_SERVER["HTTP_FORWARDED_FOR"]; 
   } elseif (validip($_SERVER["HTTP_FORWARDED"])) { 
       return $_SERVER["HTTP_FORWARDED"]; 
   } elseif (validip($_SERVER["HTTP_X_FORWARDED"])) { 
       return $_SERVER["HTTP_X_FORWARDED"]; 
   } else { 
       return $_SERVER["REMOTE_ADDR"]; 
   } 
}

this gets you the real ip from the user and validat its, hope it helps

BillyConnite · 05-11-2006, 07:59 AM

Yes, in what way do you mean that you didn't get an IP?
This should work in php:

Quote:

if($_SERVER[HTTP_X_FORWARD_FOR]){
$ip = $_SERVER[HTTP_X_FORWARD_FOR];
}else{
$ip = $_SERVER[REMOTE_ADDR];
}
echo $ip;

All the best, Rhett.

asgsoft · 05-11-2006, 10:28 AM

Originally Posted by BillyConnite

Yes, in what way do you mean that you didn't get an IP?
This should work in php:

All the best, Rhett.

Does that mean I can get the actual IP even if they are behind a proxy and it only makes it one vote per PC?

05-09-2006, 02:35 PM	THREAD STARTER #1 (permalink)
asgsoft NamePros Regular Join Date: Sep 2005 Location: At Home Posts: 881	Unique IP I have a poll script but the only problem it has is that it will let me add more than one vote, I used a basic ip detection but that didn't work. Is there a way of getting the users real IP? This is what I have right now: PHP Code: <?php include 'config.php'; mysql_connect("$host", "$user", "$pass") or die(mysql_error()); mysql_select_db("$dbname") or die(mysql_error()); $ip = $_SERVER['REMOTE_ADDR']; if (trim($ip) == '') { $ip = $_SERVER['HTTP_CLIENT_IP']; } if (trim($ip) == '') { $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; ????: NamePros.com http://www.namepros.com/programming/195647-unique-ip.html } $query = mysql_query("select * from vote where ip='$ip'"); $countbans = mysql_num_rows($query); if($countbans > 0) { include "results.php"; echo("You have Already Voted!"); }else{ $action = $_GET['action']; if(!isset($action) \|\| empty($action) \|\| $action !== "addvote"){ echo("<form name='form1' method='post' action='?action=addvote'> <table width='100%' border='0' cellspacing='2' cellpadding='0'> <tr> <td colspan='2'><div align='left'>Do you like my site?</div></td> </tr> <tr> <td width='19%'><input type='radio' name='vote' value='ex'></td> <td width='81%' bgcolor='#F4F4F4'>It's Excellent!</td> </tr> <tr> <td><input type='radio' name='vote' value='co'></td> <td bgcolor='#F4F4F4'>Pretty Cool</td> </tr> <tr> <td><input type='radio' name='vote' value='ok'></td> <td bgcolor='#F4F4F4'>OK</td> </tr> <tr> <td><input type='radio' name='vote' value='ha'></td> <td bgcolor='#F4F4F4'>Hate It!</td> </tr> <tr> <td></td> <td><input type='submit' name='Submit' value='Vote!'></td> </tr> </table> ????: NamePros.com http://www.namepros.com/showthread.php?t=195647 </form>"); }elseif($action == "addvote"){ //show result echo "<p><h4>Thank you For Voting</h4></p>"; $vote = $_POST['vote']; include 'config.php'; $ip = $_SERVER['REMOTE_ADDR']; if (trim($ip) == '') { $ip = $_SERVER['HTTP_CLIENT_IP']; } if (trim($ip) == '') { $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; } mysql_connect("$host", "$user", "$pass") or die(mysql_error()); mysql_select_db("$dbname") or die(mysql_error()); mysql_query("INSERT INTO `vote` (`vote` , `ip` ) VALUES ('$vote', '$ip')"); } } ?> __________________ Free SEO and Domain tools \|HTML ENT\| Your Source to expired domains with PageRank & tips

05-10-2006, 04:19 AM	#2 (permalink)
MikeBigg NamePros Member Join Date: May 2005 Posts: 102	In what way didn't it work? I think using IP address detection alone will not work 100%, primarily because of the way AOL uses proxies to route all their internet traffic. An AOL user is not guaranteed to have the same ip address for different images on a page, let alone two page requests. There is also the issue of 2 people from the same IP address. Companies may well route all their employees through a single router with one IP address. Frequently the forwarded-for and client-ip fields will not be filled in as it is considered a security risk (even though IP addresses and machine names get sent out in email headers from the same organisations). ????: NamePros.com http://www.namepros.com/showthread.php?t=195647 Using cookies as well may help. I'd be very interested to see what you come up with in the end. Regards, Mike __________________ File Hosting \| Dubious Facts

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)