Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 2 of 2
  1. #1
    New to the CF scene
    Join Date
    Jan 2012
    Posts
    7
    Thanks
    2
    Thanked 0 Times in 0 Posts

    PHP - server behind proxy, IP tracking

    I want to at least monitor visitor's IP address where they really are coming from. I have a server1 running a qualified domain (domain1.com) that is on port 80 and it runs a proxy for the other server, (server2) that is running over the local LAN with a qualified domain names (domain2.com, domain3.com).

    MY problem right now is I am using this to get the remote user IP, $_SERVER['REMOTE_ADDR'] but now its on the proxy, I am getting the local host IP instead.

    There are also a few areas in the html/php code that refers to that IP that is currently not working right for me since I changed it.

    So, what I want is to be able to track at least close to the real IP but still use our admin judgment if its fake or not. Anyway, on the html header, I have this on top:

    <?php
    require_once('includes/functions/func.signup.php');
    db_connect($config);
    session_start();
    $ip=$_SERVER['REMOTE_ADDR'];


    So, Instead of this on my header, I will use this and put this on top unless this is not correct, maybe you can edit it for me.

    $headers = apache_request_headers();

    if(array_key_exists("X-Forwarded-For", $headers)){
    $proxylist = $headers['X-Forwarded-For'];
    $proxylist = explode(',', $proxylist);
    $realip = $proxylist[0];
    }else{
    $realip = $_SERVER['REMOTE_ADDR'];
    }



    THEN: Any statements that has currently "$ip" which was referring to the old header, as in, "Your IP ($ip) is banned !", I changed it to

    "Your IP ($realip) is banned !".


    Moreover, there are some mysql queries that also deal with the IP address where I save them in the mysql table. So, I need to make sure I get the right IP as opposed to my local proxy's IP. An example will be this one where the is this encode_ip($_SERVER,$_ENV) toward the bottom of the code:

    if($type == 'buyer')
    {
    mysql_query("INSERT INTO `".$config['db']['pre']."buyers` ( `buyer_id` , `buyer_username` , `buyer_password` , `buyer_email` , `buyer_name` , `buyer_joined` , `buyer_rating` , `buyer_reviews` , `buyer_confirm` , `buyer_custom_fields` , `buyer_custom_values`, `buyer_zipcode`, `buyer_city`, `buyer_state`, `buyer_country`, `buyer_ip3`, `buyer_ip3date`, `buyer_country_flag`) VALUES ('', '" . validate_input($_POST['username']) . "', '" . validate_input(md5($_POST['password'])) . "', '" . validate_input($_POST['email']) . "', '" . validate_input($_POST['name']) . "', '" . time() . "', '0', '0', '".validate_input($confirm_id)."', '" . validate_input($custom_db_fields2) . "', '" . validate_input($custom_db_data2) . "', '" . validate_input($_POST['zipcode']) . "', '" . validate_input($_POST['city']) . "', '" . validate_input($_POST['state']) . "', '" . validate_input($_POST['country']) . "', '" . encode_ip($_SERVER, $_ENV) . "', NOW(), '" . $flag_file_name . "');");

    $user_id = mysql_insert_id();

    mysql_query("INSERT INTO `".$config['db']['pre']."buyers_balance` ( `buyer_id` , `balance_amount` ) VALUES ('" . $user_id . "', '" . $config['start_amount_buyer'] . "');");

    mysql_query("INSERT INTO `".$config['db']['pre']."transactions` ( `transaction_id` , `transaction_type` , `transaction_method` , `buyer_id` , `provider_id` , `transaction_ip` , `transaction_time` , `transaction_amount` , `transaction_description` ) VALUES ('', 'adm', 'initial', '" . $user_id . "', '', '" . encode_ip($_SERVER,$_ENV) . "', '" . time() . "', '" . addslashes($config['start_amount_buyer']) . "', 'Signup Bonus');");
    }



    And for my parameters where I have "IP" defined, I have this, and I Need to point it to the right IP:

    $page->SetParameter ('IP',$_SERVER['REMOTE_ADDR']);



    Hopefully, I can get some great help here again. Thanks guys.
    Last edited by jthunder; 01-09-2012 at 02:44 AM.

  • #2
    New to the CF scene
    Join Date
    Jan 2012
    Posts
    7
    Thanks
    2
    Thanked 0 Times in 0 Posts
    Any takers??


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •