Skip to content
This repository was archived by the owner on May 31, 2020. It is now read-only.

Accurate client IP address #37

Open
DubStepMad wants to merge 4 commits into
base: master
Choose a base branch
from
Open

Accurate client IP address #37

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
70cf4cb
Update functions.php
DubStepMad Jul 4, 2018
c3bc3a4
Update login.php
DubStepMad Jul 4, 2018
b762449
Update login.php
DubStepMad Jul 4, 2018
5a9518c
Merge branch 'Jason2605:master' into master
DubStepMad Aug 12, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 20 additions & 0 deletions functions.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -125,3 +125,23 @@ function logs($perms, $column, $pid, $user, $dbcon, $player, $val)
}
}
}

function get_client_ip_server() {

if ($_SERVER['HTTP_CLIENT_IP'])
$Address = $_SERVER['HTTP_CLIENT_IP'];
else if($_SERVER['HTTP_X_FORWARDED_FOR'])
$Address = $_SERVER['HTTP_X_FORWARDED_FOR'];
else if($_SERVER['HTTP_X_FORWARDED'])
$Address = $_SERVER['HTTP_X_FORWARDED'];
else if($_SERVER['HTTP_FORWARDED_FOR'])
$Address = $_SERVER['HTTP_FORWARDED_FOR'];
else if($_SERVER['HTTP_FORWARDED'])
$Address = $_SERVER['HTTP_FORWARDED'];
else if($_SERVER['REMOTE_ADDR'])
$Address = $_SERVER['REMOTE_ADDR'];
else
$Address = 'UNKNOWN';

return $Address;
}
9 changes: 5 additions & 4 deletions login.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@

include 'verifyPanel.php';
loginconnect();
get_client_ip_server()

if (!$dbconL) {
echo 'Database connection error';
Expand All @@ -34,14 +35,14 @@

if ($username && $password) {
if (!isset($_SESSION['failedLogin'])) {
$sql = "SELECT * FROM access WHERE address = '$_SERVER[REMOTE_ADDR]'";
$sql = "SELECT * FROM access WHERE address = '$Address'";
$sqldata = mysqli_query($dbconL, $sql) or die('Connection could not be established - LOG');

if (mysqli_num_rows($sqldata) == 0) {
$sqli = "INSERT INTO access (address,failed) VALUES ('$_SERVER[REMOTE_ADDR]',0)";
$sqli = "INSERT INTO access (address,failed) VALUES ('$Address',0)";
$sqlinput = mysqli_query($dbconL, $sqli) or die('Connection could not be established - LOG');

$sql = "SELECT * FROM access WHERE address = '$_SERVER[REMOTE_ADDR]'";
$sql = "SELECT * FROM access WHERE address = '$Address'";
$sqldata = mysqli_query($dbconL, $sql) or die('Connection could not be established - LOG');
}
$user = $sqldata->fetch_object();
Expand Down Expand Up @@ -97,7 +98,7 @@
$_SESSION['perms'] = $perms;
$_SESSION['failedLogin'] = 0;

$sqlget = "UPDATE access SET failed = 0 WHERE address = '$_SERVER[REMOTE_ADDR]'";
$sqlget = "UPDATE access SET failed = 0 WHERE address = '$Address'";
$res = mysqli_query($dbconL, $sqlget);

if ($_SESSION['failedLogin'] >= 5) {
Expand Down