Get visitors private IP and store it in database to track the visitor

Question

I am running a small exercise where I am sending fake emails to the employees and I just want to check who opened the link. For this I can get the IP using php or other scripts such as - http://l2.io/, http://www.hashemian.com/tools/visitor-IP.htm etc. That is fine but as they are all connected to a router, I am sure that there will be only one single IP if everyone clicks at the link. So I thought of getting private IP's as well so that they can be tracked using the router logs.

In order to get the Private IP, I am using this - How to get client's IP address using javascript only?

Now I want to store that IP into a database when the page loads. As per my knowledge it can be done by using ajax to store the value into a database but How do I put that value into a variable.

<!DOCTYPE html>
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
    </head>
    <body>
        <h4>
          
        </h4>
       
        <h4>Your local IP addresses:</h4>
        <ul></ul>
        <h4>Your public IP addresses:</h4>
        <ul></ul>
        <h4>Your IPv6 addresses:</h4>
        <ul></ul>
        <iframe id="iframe" style="display: none"></iframe>
        <script>
            //get the IP addresses associated with an account
            function getIPs(callback){
                var ip_dups = {};

                //compatibility for firefox and chrome
                var RTCPeerConnection = window.RTCPeerConnection
                    || window.mozRTCPeerConnection
                    || window.webkitRTCPeerConnection;
                var useWebKit = !!window.webkitRTCPeerConnection;

                //bypass naive webrtc blocking using an iframe
                if(!RTCPeerConnection){
                    //NOTE: you need to have an iframe in the page right above the script tag
                    //
                    //<iframe id="iframe" sandbox="allow-same-origin" style="display: none"></iframe>
                    //<script>...getIPs called in here...
                    //
                    var win = iframe.contentWindow;
                    RTCPeerConnection = win.RTCPeerConnection
                        || win.mozRTCPeerConnection
                        || win.webkitRTCPeerConnection;
                    useWebKit = !!win.webkitRTCPeerConnection;
                }

                //minimal requirements for data connection
                var mediaConstraints = {
                    optional: [{RtpDataChannels: true}]
                };

                var servers = {iceServers: [{urls: "stun:stun.services.mozilla.com"}]};

                //construct a new RTCPeerConnection
                var pc = new RTCPeerConnection(servers, mediaConstraints);

                function handleCandidate(candidate){
                    //match just the IP address
                    var ip_regex = /([0-9]{1,3}(\.[0-9]{1,3}){3}|[a-f0-9]{1,4}(:[a-f0-9]{1,4}){7})/
                    var ip_addr = ip_regex.exec(candidate)[1];

                    //remove duplicates
                    if(ip_dups[ip_addr] === undefined)
                        callback(ip_addr);

                    ip_dups[ip_addr] = true;
                }

                //listen for candidate events
                pc.onicecandidate = function(ice){

                    //skip non-candidate events
                    if(ice.candidate)
                        handleCandidate(ice.candidate.candidate);
                };

                //create a bogus data channel
                pc.createDataChannel("");

                //create an offer sdp
                pc.createOffer(function(result){

                    //trigger the stun server request
                    pc.setLocalDescription(result, function(){}, function(){});

                }, function(){});

                //wait for a while to let everything done
                setTimeout(function(){
                    //read candidate info from local description
                    var lines = pc.localDescription.sdp.split('\n');

                    lines.forEach(function(line){
                        if(line.indexOf('a=candidate:') === 0)
                            handleCandidate(line);
                    });
                }, 1000);
            }

            //insert IP addresses into the page
            getIPs(function(ip){
                var li = document.createElement("li");
                li.textContent = ip;

                //local IPs
                if (ip.match(/^(192\.168\.|169\.254\.|10\.|172\.(1[6-9]|2\d|3[01]))/))
                    document.getElementsByTagName("ul")[0].appendChild(li);

                //IPv6 addresses
                else if (ip.match(/^[a-f0-9]{1,4}(:[a-f0-9]{1,4}){7}$/))
                    document.getElementsByTagName("ul")[2].appendChild(li);

                //assume the rest are public IPs
                else
                    document.getElementsByTagName("ul")[1].appendChild(li);
            })
   
   ;
        </script>
    </body>
</html>

If there is any other way this can be done or if its possible to track the employee who opened the link without getting the private IP, then also I am open to it. Thanks

Answer 1

Send the users a link with a "unique ID", for example: www.mysite.com?emailID=Ajk2j18ysdcnb then just keep track of your IDs as you send them out and look for them in the GET parameters when they click the link.

EDIT

i'd like to add that this method is more secure as a user could not access the page without a valid ID and it prevents users from spoofing an IP address. Javascript is entirely client-side and nothing is stopping anyone from send whatever they want.