I am using the service of http://ipinfo.io, I use the following code to consult information of my location through my IP, however, in localhost it works correctly but in the production server no, instead of throwing me the ip from the user, it returns the IP of the server from where the query is made.
I want it to detect the ip of the visitor, not the ip from where the request is made
class ipController{
private $token="XXXXXX";
public function __construct(){
$handle = curl_init();
$url = "http://ipinfo.io?token=".$this->token;
// Set the url
curl_setopt($handle, CURLOPT_URL, $url);
// Set the result output to be a string.
curl_setopt($handle, CURLOPT_RETURNTRANSFER, true);
$output = curl_exec($handle);
//var_dump($output);
curl_close($handle);
$datos = json_decode($output);
var_dump($datos);
//Se setean las propiedades
$this->ip = $datos->ip;
$this->hostname = $datos->hostname;
$this->city = $datos->city;
$this->region = $datos->region;
$this->country = $datos->country;
$this->loc = $datos->loc;
$this->postal = $datos->postal;
$this->org = $datos->org;
}
}
You were getting the server IP address because you were sending your
request with curl and when using the curl, the sever does the
request with its own IP.
In order to get the visitor's IP address you have to use the $_SERVER['REMOTE_ADDR'] or the $_SERVER['REMOTE_HOST'] variables, but this does not return the correct IP address of the visitor sometimes, so you can use the below function to the get the correct IP of the user
function get_ip_address() {
$ipaddress = '';
if (isset($_SERVER['HTTP_CLIENT_IP']))
$ipaddress = $_SERVER['HTTP_CLIENT_IP'];
else if(isset($_SERVER['HTTP_X_FORWARDED_FOR']))
$ipaddress = $_SERVER['HTTP_X_FORWARDED_FOR'];
else if(isset($_SERVER['HTTP_X_FORWARDED']))
$ipaddress = $_SERVER['HTTP_X_FORWARDED'];
else if(isset($_SERVER['HTTP_FORWARDED_FOR']))
$ipaddress = $_SERVER['HTTP_FORWARDED_FOR'];
else if(isset($_SERVER['HTTP_FORWARDED']))
$ipaddress = $_SERVER['HTTP_FORWARDED'];
else if(isset($_SERVER['REMOTE_ADDR']))
$ipaddress = $_SERVER['REMOTE_ADDR'];
else
$ipaddress = 'UNKNOWN';
return $ipaddress;
}
Then you can just get the ip info with the url this way
$ip = get_ip_address();
$url = "http://ipinfo.io/$ip?token=$token";
//you can the get the data with
$data = url_get_contents($url);
//curl function to send your request
function url_get_contents($Url) {
if (!function_exists('curl_init')){
die('CURL is not installed!');
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $Url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$output = curl_exec($ch);
curl_close($ch);
return $output;
}
According to the docs you need to put the ip address in the endpoint. Just the token gives your own ip address which is the server
https://ipinfo.io/developers#ip-address-parameter
ipinfo.io/$visitors_ip?token=$TOKEN
I'd assume it is php making the request to ipinfo hence why you get the servers details
Related
I have a script on my website, to prevents bots, it works fine but since i modified it to make changes i had a lot of errors, i'm not good at php.
<?php
error_reporting();
session_start();
$config_antibot['apikey'] = '________________________';
$config_antibot['bot'] = 'https://google.com';
$config_antibot['real'] = 'https://mywebsite.com';
class Antibot
{
function apikey($api_key){
$this->apikey = $api_key;
}
function get_client_ip()
{
if (isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
$_SERVER['REMOTE_ADDR'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
$_SERVER['HTTP_CLIENT_IP'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
}
$client = #$_SERVER['HTTP_CLIENT_IP'];
$forward = #$_SERVER['HTTP_X_FORWARDED_FOR'];
$remote = $_SERVER['REMOTE_ADDR'];
if(filter_var($client, FILTER_VALIDATE_IP))
{
$ip = $client;
}
elseif(filter_var($forward, FILTER_VALIDATE_IP))
{
$ip = $forward;
}
else
{
$ip = $remote;
}
return $ip;
}
function httpGet($url){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
return $response;
}
function check(){
$ip = $this->get_client_ip();
$respons = $this->httpGet("https://antibot.pw/api/v2-blockers?ip=".$ip."&apikey=".$this->apikey."&ua=".urlencode($_SERVER['HTTP_USER_AGENT']));
$json = json_decode($respons,true);
if($json['is_bot'] == 1 || $json['is_bot'] == true){
return true;
}else{
return false;
}
}
}
$Antibot = new Antibot;
$Antibot->apikey( $config_antibot['apikey'] );
if($Antibot->check() == true){
die(header("location: ".$config_antibot['bot']));
}else{
die(header("location: ".$config_antibot['real']));
}
?>
The lines that i tried to change
Line 7
$config_antibot['real'] = 'https://mywebsite.com';
Line 63
die(header("location: ".$config_antibot['real']));
Line 7 If the visitor is real not a bot it redirected to my website, but this redirect is causing a problem and affecting the nature of my website
Because when users sign up and get link mywebsite.com/user/02331/index?ref=02331 via email to activate their account, the user is redirected to mywebsite.com the user cannot not check mywebsite.com/user/02331/index?ref=02331 to complete registration
i change in line 63 to
die( header("HTTP/1.1 401 Unauthorized") );
exit();
}
But that doesn't seem to work for me, is there a way to let the user stay on the current url that the user is browsing if the user is real and not a bot?
What you're trying to create is a middleware (https://laravel.com/docs/8.x/middleware for laravel), or chain of responsibility (https://en.wikipedia.org/wiki/Chain-of-responsibility_pattern). Depending on how you have it structured at the moment, this could mean you need to change the entire architecture of your code, which obviously isn't a great solution.
Ideally, you would have a router or some such that you can call here:
}else{
Route::get( ... );
// die(header("location: ".$config_antibot['real']));
}
You don't need to die() into the next portion of your site, you just need the page that they want to load to appear instead of the redirect. This could be done in any number of ways, but the die() portion is probably the least best option of them.
I an trying to get visitor ip address to my WordPress site . to do this I write a function getcustomerip() but it showing nothing . can someone help me to what I am doing wrong.
function getcustomerip(){
// Get real visitor IP behind CloudFlare network
if (isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
$_SERVER['REMOTE_ADDR'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
$_SERVER['HTTP_CLIENT_IP'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
}
$client = #$_SERVER['HTTP_CLIENT_IP'];
$forward = #$_SERVER['HTTP_X_FORWARDED_FOR'];
$remote = $_SERVER['REMOTE_ADDR'];
if(filter_var($client, FILTER_VALIDATE_IP)){
$ip = $client;
}elseif(filter_var($forward, FILTER_VALIDATE_IP)){
$ip = $forward;
}else{
$ip = $remote;
}
return $ip;
}
I have to get public IP of the remote system in php.
I have tried
$_SERVER['REMOTE_ADDR']
getenv('REMOTE_ADDR');
but is always returning the private IP. Help to fix it.
Try this:
$ip = !empty($_SERVER['HTTP_CLIENT_IP']) ? $_SERVER['HTTP_CLIENT_IP'] : (!empty($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']);
Warning: you should extend it and sanitize, since headers can be easily manipulated.
private function getIP()
{
$client = #$_SERVER['HTTP_CLIENT_IP'];
$forward = #$_SERVER['HTTP_X_FORWARDED_FOR'];
$remote = $_SERVER['REMOTE_ADDR'];
if(filter_var($client, FILTER_VALIDATE_IP))
{
$ip = $client;
}
elseif(filter_var($forward, FILTER_VALIDATE_IP))
{
$ip = $forward;
}
else
{
$ip = $remote;
}
return $ip;
}
echo getIP();
I have two php files in a same directory of a server (http://www.xxxx.com/php/),
1) write_json.php
$address['http_client'] = $_SERVER['HTTP_CLIENT_IP'];
$address['http_x_forwarded_for'] = $_SERVER['HTTP_X_FORWARDED_FOR'];
$address['http_x_forwarded'] = $_SERVER['HTTP_X_FORWARDED'];
$address['http_forwarded_for'] = $_SERVER['HTTP_FORWARDED_FOR'];
$address['http_forwarded'] = $_SERVER['HTTP_FORWARDED'];
$address['remote_addr'] = $_SERVER['REMOTE_ADDR'];
header('Content-Type: application/json');
echo json_encode($address);
2) get_ip.php
$json_url = $_SERVER['SERVER_NAME'] . '/php/write_json.php';
$json_string = '';
$ch = curl_init($json_url);
$options = array(CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => array('Content-type: application/json'),
CURLOPT_POSTFIELDS => $json_string);
curl_setopt_array($ch, $options);
$json_string = curl_exec($ch);
echo $json_string;
get_ip.php calls write_json.php
if we suppose the client IP is : 76.2.35.46 and the server one is : 80.59.3.23
when I call http://www.xxxx.com/php/get_ip.php on a client browser
It shows me the Server IP not the client IP like this :
{
http_client: null,
http_x_forwarded_for: null,
http_x_forwarded: null,
http_forwarded_for: null,
http_forwarded: null,
remote_addr: "80.59.3.23"
}
How can I get the client IP instead of the server one ?
You are calling write_json via curl from the server... that is, the server is actually requesting the write_json file, so write_json is seeing the request come from the server. Why not just use an include rather than a curl call?
Not possible this way. You need to get the client ip first then send it as posted data to server via curl.
Trying to get client IP use following function that will return client IP
// Function to get the client IP address
function get_client_ip() {
$ipaddress = '';
if (getenv('HTTP_CLIENT_IP'))
$ipaddress = getenv('HTTP_CLIENT_IP');
else if(getenv('HTTP_X_FORWARDED_FOR'))
$ipaddress = getenv('HTTP_X_FORWARDED_FOR');
else if(getenv('HTTP_X_FORWARDED'))
$ipaddress = getenv('HTTP_X_FORWARDED');
else if(getenv('HTTP_FORWARDED_FOR'))
$ipaddress = getenv('HTTP_FORWARDED_FOR');
else if(getenv('HTTP_FORWARDED'))
$ipaddress = getenv('HTTP_FORWARDED');
else if(getenv('REMOTE_ADDR'))
$ipaddress = getenv('REMOTE_ADDR');
else
$ipaddress = 'UNKNOWN';
return $ipaddress;
}
After getting IP in a variable then send
Hi i am using a different account for google analytics and is returning an error:
GDataauthErrorAuthorizationInvalid Credentials
Though for my previous account is working fine. it could be because i missed some things in the registration process, could anyone give me a detailed steps for the registration to work for oauth 2.0 using api_key for google analytics v2.4
thank you
//returns session token for multiple calls to API
function get_session_token($onetimetoken) {
$output = call_api($onetimetoken, "https://www.google.com/accounts/AuthSubSessionToken");
if(preg_match("/Token=(.*)/", $output, $matches)) {
$sessionToken = $matches[1];
} else {
echo "Error authenticating with Google.";
exit;
}
return $sessionToken;
}
//gets the data
function call_api($sessionToken,$url){
$curl = curl_init($url);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
if ($_SESSION['authSub']==true){
$curlheader[0] = sprintf("Authorization: AuthSub token=\"%s\"/n", $sessionToken);
} else {
$curlheader[0] = "Authorization: GoogleLogin auth=" . $sessionToken;
}
curl_setopt($curl, CURLOPT_HTTPHEADER, $curlheader);
$response = curl_exec($curl);
curl_close($curl);
return $response;
}
$requrlvisits = sprintf("https://www.googleapis.com/analytics/v2.4/data?ids=ga:%s&dimensions=ga:date&metrics=ga:visits,ga:pageviews,ga:bounces,ga:timeOnSite&start-date=%s&end-date=%s&sort=ga:date&key=%s",$get_profid[9],$date1,$date2,$api_key);
// echo $requrlvisits;
$visitsxml = call_api($_SESSION['sessionToken'],$requrlvisits);
$visits = parse_data($visitsxml);
print_r($visitsxml);