0

Alright, the register/login system is fully working with sql injection, BUUUT now I want to store their IP Address. WHOLE new function that I've never dealt with before. So I need some help. Am I doing something wrong?

I have the IPadd in the database as INT(10) and then I went down to another drop down list and hit unsigned.
I feel like I'm doing something wrong with the field in the database..

{
		$_SERVER['REMOTE_ADDR'] = $IPadd;
		$sql = "INSERT INTO Member (username,createDate,password,firstName,email,IPadd) VALUES ('$username',NOW(),md5('$password'),'$firstName','$email',inet_aton('$IPadd'))";
		mysqli_query($cxn,$sql);
		$_SESSION['auth']="yes";
		$_SESSION['username'] = $username;
		header("Location: testing.php");
	}
5
Contributors
5
Replies
6
Views
7 Years
Discussion Span
Last Post by manzarr
2

Hello,

This is what I used for reference and it says INT UNSIGNED (4 bytes) which is how mine are defined and they work great.

MySQL has two built-in functions: INET_ATON() and INET_NTOA(). They are actually based on the equivalent inet_aton() and inet_ntoa() which are C library functions present on pretty much every TCP/IP capable system. Why? These two functions are used allover the place in any TCP/IP stack implementation or even application.
The INET_ATON() function converts Internet addresses from the numbers-and-dots notation into a 32-bit unsigned integer, and INET_NTOA() does the opposite. Isn't that handy!

Let's put it to the test:

mysql> SELECT INET_ATON('192.168.0.10') AS ipn;
+------------+
| ipn |
+------------+
| 3232235530 |
+------------+

mysql> SELECT INET_NTOA(3232235530) AS ipa;
+--------------+
| ipa |
+--------------+
| 192.168.0.10 |
+--------------+

So you can store an IP address in an INT UNSIGNED (4 bytes) which is of course much more efficient and faster than a CHAR(15). Naturally, you can call the function while you're inserting, so something like this is fine also:

INSERT INTO tbl VALUES (..., INET_ATON('192.168.0.10'), ...)

Votes + Comments
great post
0

...
I said I am using INT(10) UNSIGNED and I have the coding right.
I have exactly what they have.

I MUST still being doing something wrong though because it's not working. It fails to insert it into the table..

I dont know peoples IP address so I can't do INET_ATON('numbers here'), but I pull their IP address with the REMOTE_ADDR function and make it into a variable and put that into the parantheses but it's STILL not working.
It's failing to insert so I must be doing something wrong with the actual IPadd field in the Mysql database..

[img]http://i370.photobucket.com/albums/oo149/TenaciousMug/MemberTable.png[/img]

Also random question, is it ok if I make a database called Asterock_memberdirectory and just use that database for everything like member, login, news, pet, items?

EDIT
NEVERMIND. Someone helped me on phpfreaks. All I had to do was switch the function and variable around. xD

Edited by Tenaciousmug: n/a

0

An IP address of the most commonly used IPV4 protocol is basically a 32-bit number. The INT data type would have the highest storage density for it. Depending of the form in which you have the address, you might need to convert it into na integer though. The disadvantage is that the number is inconvenient for humans when viewing the table contents with standard tools.


You could indeed store the IP addres in an INT UNSIGNED:

mysql> SELECT INET_ATON('192.168.0.10') AS ipn;
+------------+
| ipn |
+------------+
| 3232235530 |
+------------+

mysql> SELECT INET_NTOA(3232235530) AS ipa;
+--------------+
| ipa |
+--------------+
| 192.168.0.10 |
+--------------+

So you can store an IP address in an INT UNSIGNED (4 bytes) which is of course much more efficient and faster than a CHAR(15). Naturally, you can call the function while you're inserting, so something like this is fine also:

INSERT INTO tbl VALUES (..., INET_ATON('192.168.0.10'), ...)

0

what is it? where you giving this value? (IPadd)

$_SERVER['REMOTE_ADDR'] = $IPadd;

maybe you need this...

$IPadd = $_SERVER['REMOTE_ADDR'];
0

Not sure but i think this code useful to your query
IP address using HTTP_X_FORWARDED_FOR. And if this is also not available, then finally get the IP address using REMOTE_ADDR.

function getRealIpAddr()
{
if (!empty($_SERVER)) //check ip from share internet
{
$ip=$_SERVER;
}
elseif (!empty($_SERVER)) //to check ip is pass from proxy
{
$ip=$_SERVER;
}
else
{
$ip=$_SERVER;
}
return $ip;
}

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.