我很新的編碼PHP(非常新) ,我爲我的網站創建了一個登錄/註冊系統我目前有一個工作系統,輸入他們的「id int (11)「用戶名,電子郵件和密碼。我現在想添加一個IP列,在創建帳戶時記錄他們的IP。
創建帳戶時需要幫助記錄用戶的IP
我的問題很明顯是我如何才能增加我的代碼的方式來輸入的用戶的IP(只是對我來說,測試的東西和學到的東西網站)地址一旦他們創建一個帳戶在我的網站... 。
我對server.php當前的代碼
<?php
session_start();
// variable declaration
$username = "";
$email = "";
$errors = array();
$_SESSION['success'] = "";
// connect to database
$db = mysqli_connect('localhost','user','password','db')
or die('Error connecting to MySQL server.');
// REGISTER USER
if (isset($_POST['reg_user'])) {
// receive all input values from the form
$username = mysqli_real_escape_string($db, $_POST['username']);
$email = mysqli_real_escape_string($db, $_POST['email']);
$password_1 = mysqli_real_escape_string($db, $_POST['password_1']);
$password_2 = mysqli_real_escape_string($db, $_POST['password_2']);
// form validation: ensure that the form is correctly filled
if (empty($username)) { array_push($errors, "Username is required"); }
if (empty($email)) { array_push($errors, "Email is required"); }
if (empty($password_1)) { array_push($errors, "Password is required"); }
if ($password_1 != $password_2) {
array_push($errors, "The two passwords do not match");
}
// register user if there are no errors in the form
if (count($errors) == 0) {
$password = md5($password_1);//encrypt the password before saving in the database
$query = "INSERT INTO users (username, email, password)
VALUES('$username', '$email', '$password')";
mysqli_query($db, $query);
$_SESSION['username'] = $username;
$_SESSION['success'] = "You are now logged in";
header('location: index.php');
mysql_error();
}
}
// ...
// LOGIN USER
if (isset($_POST['login_user'])) {
$username = mysqli_real_escape_string($db, $_POST['username']);
$password = mysqli_real_escape_string($db, $_POST['password']);
if (empty($username)) {
array_push($errors, "Username is required");
}
if (empty($password)) {
array_push($errors, "Password is required");
}
if (count($errors) == 0) {
$password = md5($password);
$query = "SELECT * FROM users WHERE username='$username' AND password='$password'";
$results = mysqli_query($db, $query);
if (mysqli_num_rows($results) == 1) {
$_SESSION['username'] = $username;
$_SESSION['success'] = "You are now logged in";
header('location: index.php');
}else {
array_push($errors, "Wrong username/password combination");
}
}
}
?>
您還沒有提問任何問題 – symcbean
瞭解如何使用預處理語句。您可以在這裏打開SQL注入。 'mysqli_escape_string()'不足以保護你免受所有攻擊。 – miken32
@symcbean您可以清楚地看到我說的 「我現在想添加一個IP列,在創建帳戶時記錄他們的IP。」 我沒有來這裏告訴你我想做什麼...閱讀標題 –