1

Okay, so I am using a jquery script to use a get method to pull information from another file like so:

$(document).ready(function() {
$('#calculate').click(function(){
    $.ajax({
        type: 'GET',
        url: '/system/calculate.php',
        data: 'amount=' + $('#buyamount').val() + '&coin=<?php echo $coin; ?>' ,
        success: function(msg) {
            $('#totalprice').html(msg);
        }
    });
});
});

I want to inert their ip address in the database, but I can't set it in that calculate file because they aren't actually visiting that page to set the IP address. Now, I don't want to use the get function to send their IP address because they could simply edit the ?ip= to whatever they want.

I tried setting it in the calcuate file, but their ip is set as ::1

tl;dr: using jquery to run scrip from another file, can't set IP because they don't visit that page personally.

  • Try looking into Jquery.Post? http://api.jquery.com/jquery.post/ Put it into a form and asynchronously post the form. – Mark Dec 11 '14 at 15:20
  • this would be on the server side. – Daniel A. White Dec 11 '14 at 15:21
  • I can't say I fully understand your intent here, but I want to highlight this phrase: "because they could simply edit the ...". Yes. This is JavaScript: **The user could edit your code itself.** If certainty of execution is needed for some security-related matter, you'll want to handle it on the server's end - perhaps determine someone's IP address based on the request. – Katana314 Dec 11 '14 at 15:21
  • If you want to get the IP at the client side: http://stackoverflow.com/questions/391979/get-client-ip-using-just-javascript but it doesn't make sense. It's better to get the IP from the request object at the backend, regardless the technology (php, ruby, java, etc...). – Christian Benseler Dec 11 '14 at 16:38

1 Answers1

0

you can get client ip in php and that ip can insert in your db. 

function getIp() {

        $ip = '';



        if (isset($_SERVER['REMOTE_ADDR']) && !empty($_SERVER['REMOTE_ADDR'])) {

            $ip = filter_var($_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP);
        }



        if (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && !empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {

            if (strpos(filter_var($_SERVER['HTTP_X_FORWARDED_FOR'], FILTER_VALIDATE_IP), ',') !== false) {

                $temp_ips = explode(',', filter_var($_SERVER['HTTP_X_FORWARDED_FOR'], FILTER_VALIDATE_IP));
            }



            if (!empty($temp_ips)) {

                $ip = $temp_ips[count($temp_ips) - 1];
            } else {

                $ip = filter_var($_SERVER['HTTP_X_FORWARDED_FOR'], FILTER_VALIDATE_IP);
            }
        }



        if (isset($_SERVER['HTTP_CF_CONNECTING_IP']) && !empty($_SERVER['HTTP_CF_CONNECTING_IP'])) {

            $ip = filter_var($_SERVER['HTTP_CF_CONNECTING_IP'], FILTER_VALIDATE_IP);
        }



        return $ip;
    }
Sumit Jha
  • 370
  • 1
  • 5
  • 11