以php联系人表单捕获用户的IP地址

时间:2013-01-31 01:49:06

标签: php

我正在尝试从php联系表单中获取用户的ip地址,我有以下代码,但我想知道以这种方式使用clean_string向我自己发送ip地址是否有效?

<?php

session_start();




if(isset($_POST['fullname'])) {

include 'freecontact2formsettings.php';

function died($error) {
    echo "Sorry, but there were error(s) found with the form you submitted. ";
    echo "These errors appear below.<br /><br />";
    echo $error."<br /><br />";
    echo "Please go back and fix these errors.<br /><br />";
    die();
}

if(!isset($_POST['fullname']) ||
    !isset($_POST['Address1']) ||
    !isset($_POST['city']) ||   
    !isset($_POST['Postcode']) ||
    !isset($_POST['contactnum']) ||
    !isset($_POST['emailaddress'])







    ) {
    died('Sorry, there appears to be a problem with your form submission.');        
}
$ip = $_SERVER['HTTP_CLIENT_IP']; 
$ansb0_from = $_POST['fullname']; // required
$ansb1_from = $_POST['Address1']; // required
$ansb3_from = $_POST['city']; // required   
$ansb4_from = $_POST['Postcode']; // required
$ansb5_from = $_POST['contactnum']; // required
$ansb6_from = $_POST['emailaddress']; // required


$error_message = "";


$email_message = "PHP CONTACT FORM:\r\n";

function clean_string($string) {
  $bad = array("content-type","bcc:","to:","cc:");
  return str_replace($bad,"",$string);
}


$email_message .= "Forename: ".clean_string($ansb0_from)."\r\n";
$email_message .= "Address 1: ".clean_string($ansb1_from)."\r\n";
$email_message .= "City: ".clean_string($ansb3_from)."\r\n";
$email_message .= "Postcode: ".clean_string($ansb4_from)."\r\n";
$email_message .= "Contact Number: ".clean_string($ansb5_from)."\r\n";
$email_message .= "Email Address: ".clean_string($ansb6_from)."\r\n";
$email_message .="IP Address: ".clean_string($ip)."\n\n"; 











$headers = 'From: '.$email_from."\r\n".
'Reply-To: '.$email_from."\r\n" .
'X-Mailer: PHP/' . phpversion();
mail($email_to, $email_subject, $email_message, $headers);
header("Location: $thankyou");
?>
<script>location.replace('<?php echo $thankyou;?>')</script>
<?php
}
die();
?>

此外,

$ip = $_SERVER['HTTP_CLIENT_IP'];

是在联系表单脚本页面上,而不是用户输入信息的实际form.php,我认为那是我出错的地方吗?

2 个答案:

答案 0 :(得分:9)

您不希望表单中包含IP。这样它就可以显示,编辑和搞乱。相反,只需使用以下方法捕获服务器端:

$_SERVER['REMOTE_ADDR'];

谷歌搜索这个问题应该顺便返回5亿个有效的结果。只是一个快速提醒。

答案 1 :(得分:1)

您要同时检查$_SERVER["REMOTE_ADDR"]$_SERVER["HTTP_X_FORWARDED_FOR"],因为如果用户位于代理服务器后面,则可能需要后者。

您可以在此处阅读更多内容:https://stackoverflow.com/a/3003233/666468

相关问题
最新问题