Page 1 of 1

show repeat region by username

Posted: Sun May 02, 2010 11:29 am
by rlthompson
Hello, I have a user registration script that I created using Dreamweaver's built in functions. I am looking for a way to show the user's ip which is entered into a db table when they register. The problem I'm having is I want it to display only the ip of the user that is logged in. Thanks in advance for any tips

Re: show repeat region by username

Posted: Mon May 03, 2010 12:56 pm
by rlthompson
Here is my registration script by the way. Also the way that users log in to the site is a Dreamweaver function that simply checks the username and password boxes against the username and password fields in the table. Is there a better way to have users log in?

Code: Select all

<?php 

mysql_connect("mydb", username, "password") or die(mysql_error());

mysql_select_db("crashhorizon") or die(mysql_error());

if ($_POST['form_submitted'] == '1') {
 if($_POST['password'] == $_POST['confirm_password'])
 {
##User is registering, insert data until we can activate it

$activationKey =  mt_rand() . mt_rand() . mt_rand() . mt_rand() . mt_rand();
$username = mysql_real_escape_string($_POST[username]);
$password = mysql_real_escape_string($_POST[password]); 

$email = mysql_real_escape_string($_POST[email]);

$confirm_password = mysql_real_escape_string($_POST[confirm_password]);

$refer = mysql_real_escape_string($_POST[refer]);

$newsletter = mysql_real_escape_string($_POST[newsletter]);

$remote_addr = mysql_real_escape_string($_SERVER['REMOTE_ADDR']); 

$sql="INSERT INTO user_auth (username, password, confirm_password, email, refer, newsletter, activationkey, status, remote_addr) VALUES ('$username', '$password', '$confirm_password', '$email', '$refer', '$newsletter', '$activationKey', 'verify', '$remote_addr')";

} else {
echo 'Your passwords did not match';
  
  } 

if (!mysql_query($sql))

  {

  die('Error: ' . mysql_error());

  }

echo "An email has been sent to $_POST[email] with an activation key. Please check your mail to complete registration.";

##Send activation Email

$to      = $_POST[email];

$subject = " horizonitsolutions.com Registration";

$message = "Welcome to our website!\r\rYou, or someone using your email address, has completed registration at horizonitsolutions.com. You can complete registration by clicking the following link:  \rhttp://www.horizonitsolutions.com/register/verify.php?$activationKey\r\r If this is an error, ignore this email and you will be removed from our mailing list.\r\rRegards, horizonitsolutions.com";

$headers = 'From: noreply@ horizonitsolutions.com' . "\r\n" .

    'Reply-To: noreply@ horizonitsolutions.com' . "\r\n" .

    'X-Mailer: PHP/' . phpversion();

mail($to, $subject, $message, $headers);

} else {

##User isn't registering, check verify code and change activation code to null, status to activated on success

$queryString = $_SERVER['QUERY_STRING'];

$query = "SELECT * FROM user_auth"; 

$result = mysql_query($query) or die(mysql_error());

  while($row = mysql_fetch_array($result)){

    if ($queryString == $row["activationkey"]){

       echo "Congratulations " . $row["username"] . " and thank you for registering with horizonitsolutions.com.  You will be redirected in 10 seconds.";

       $sql="UPDATE user_auth SET activationkey = '', status='activated' WHERE (id = $row[id])";

       if (!mysql_query($sql))

  {

        die('Error: ' . mysql_error());

  }

    }

  }

}

?>

Re: show repeat region by username

Posted: Mon May 03, 2010 2:54 pm
by rnoack
I don't see anywhere in this code where you are displaying an IP address at all.
so if it is not showing the users ip what is it showing?

if you mean you want it to show the users ip instead of what is in the database you can use the variable $_SERVER['REMOTE_ADDR'] which is always equal to the user's ip. but why are you storing it in the database? The only usefulness I could think for this is if you wanted to say "last login was from: ____" or something....


And what do you mean by "is there a better way to have users log in"? it depends on your definition of better. if you care about security, you should probably read a bit about php login security, etc. It is impossible to get a truly secure login with php unless you use SSL which requires buying a certificate and having a dedicated IP for your server. Otherwise, without SSL you can surely get a lot more secure than you have it. Right now it looks like you are sending the passwords in plaintext and storing them in the database in plaintext. I would reccomend at least doing some kind of hash on them.

Re: show repeat region by username

Posted: Mon May 03, 2010 11:08 pm
by a94060
you can find the ip of the user by checking the $_SERVER['REMOTE_ADDR']

Re: show repeat region by username

Posted: Tue May 04, 2010 9:24 am
by rlthompson
The ip was just an example. My script currently writes user's ip address to the database. I'm basically looking for a way to display a user's name and current invoices when they log in. As an example, when example logs in I want it to say "welcome example" or something similar and I want it to display example's current invoices.