Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 6 of 6

Thread: Signup check?

  1. #1
    Regular Coder
    Join Date
    Jul 2011
    Posts
    272
    Thanks
    63
    Thanked 1 Time in 1 Post

    Signup check?

    Ok I have a simple signup form on my website:

    PHP Code:
    <form action="doregister.php" method="post">
      <table width="220" border="0" align="center" cellpadding="0" cellspacing="0">
        <tr>
          <td colspan="2"><div class="menu"> <span class="menu_txt">Register</span></div></td>
        </tr>
        <tr>
          <td colspan="2" bgcolor="#10d305"></td>
        </tr>
        <tr>
          <td bgcolor="#10d305" class="freeroll_txt">Username </td>
          <td bgcolor="#10d305"><input name="u" type="text" size="16" maxlength="16" /></td>
        </tr>
        <tr>
          <td bgcolor="#10d305" class="freeroll_txt">Password</td>
          <td bgcolor="#10d305"><input name="p" type="password" size="16" maxlength="16" /></td>
        </tr>
        <tr>
          <td bgcolor="#10d305" class="freeroll_txt">Email</td>
          <td bgcolor="#10d305"><input name="e" type="text" size="16" maxlength="75" /></td>
        </tr>
        <tr>
          <td bgcolor="#10d305" class="freeroll_txt">Location</td>
          <td bgcolor="#10d305"><select name="country" style="width:150px;" id="country">
            <option value="United States" selected="selected">United States</option>
            <option value="Canada">Canada</option>
            <option value="United Kingdom" >United Kingdom</option>
    a whole bunch of <options> here
          </select></td>
        </tr>
        <tr>
          <td bgcolor="#10d305" class="freeroll_txt">Address</td>
          <td bgcolor="#10d305"><input type="text" name="address" size="16" /></td>
        </tr>
        <tr>
          <td bgcolor="#10d305" class="freeroll_txt">Phone Number</td>
          <td bgcolor="#10d305"><input type="text" name="phone" size="16" /></td>
        </tr>
        <tr>
          <td bgcolor="#10d305" class="freeroll_txt">Age</td>
          <td bgcolor="#10d305"><input type="text" name="age" size="5" /></td>
        </tr>
        <tr>
          <td bgcolor="#10d305" class="freeroll_txt">Gender</td>
          <td bgcolor="#10d305"><select name="gender" size="1">
            <option value='male'>Male</option>
            <option value='female'>Female</option>
          </select></td>
        </tr>
        <tr>
          <td bgcolor="#10d305" class="freeroll_txt">Referrer </td>
          <td bgcolor="#10d305"><input name="ref" type="text" value="<?=$_GET['ref']?>" size="10" /></td>
        </tr>
        <tr>
          <td colspan="2" bgcolor="#10d305"><div align="center">
            <input type="submit" value="Register" />
    <br>
    By clicking Register, you agree to our <a href='terms.php'target=”_blank”>TOS</a>
        <tr>
          <td bgcolor="#10d305"><input type="hidden" name="ip" value="<?php echo $_SERVER['REMOTE_ADDR']; ?>" size="10" /></td>
        </tr>
          </div></td>
        </tr>
      </table>
    </form>
    <br />

    Now the doregister page says this:

    PHP Code:
    <? 
    session_start
    ();
    include(
    "config.php"); 
    ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title><?=$title?></title>
    <link href="style.css" rel="stylesheet" type="text/css" />
      <meta name="description" content="<?=$metadesc?>" />
      <meta name="keywords" content="<?=$metakeywords?>" />

    </head>
    <body>

    <?php
    $showip 
    $_SERVER['REMOTE_ADDR']
    ?>

    <table width="960" border="0" align="center" cellpadding="0" cellspacing="0">
      <tr>
        <td colspan="2"><img src="images/logo.png" alt="" width="322" height="90" /></td>
      </tr>
       <tr>
        <td colspan="2">
        <? 
        
    if ($_SESSION['Board']) {
        include (
    "membersnav.php");
        } else {
        include (
    "nav.php"); 
        }    
        
    ?>
        </td>
        </tr>
         <tr>
        <td colspan="2">
    </td>
      </tr>
         <tr>
        <td width="240" height="661" valign="top" bgcolor="#2baa0e"><br />

        <? 
            
    if ($_SESSION['Board']) {
            } else {
        include(
    "login_inc.php"); 
        include(
    "register_inc.php"); 
            }
        
    ?>
        
        
    <div align="center"><? include("sidebar1.php"); ?></div></td>
        <td width="720" height="661" valign="top" bgcolor="#2baa0e">
     <div align="center">
       <table width="710" border="0" cellspacing="0" cellpadding="3">
         <tr>
           <td valign="top"><br />
             <table width="710" border="0" align="center" cellpadding="0" cellspacing="0">
            <tr>
            <td><div class="menu">
              <span class="menu_txt">Register</span></div>
            </td>
          </tr>
          <tr>
            <td bgcolor="#10d305">
             
          </td>
          </tr>
          <tr>
            <td bgcolor="#10d305">  <div align="center">       
            <?

    $u 
    $_POST['u'];
    $p $_POST['p'];
    $e $_POST['e'];
    $country $_POST['country'];
    $address $_POST['address'];
    $phone $_POST['phone'];
    $g $_POST['gender'];
    $a $_POST['age'];
    $ref $_POST['ref'];
    $ip $_POST['ip'];

    $u htmlspecialchars($u);
    $p htmlspecialchars($p);
    $e htmlspecialchars($e);
    $g htmlspecialchars($g);
    $d htmlspecialchars($d);
    $ref htmlspecialchars($ref);
    $ip htmlspecialchars($ip);

    if(
    $u && $p && $e && $a && $g && $ip) {
    $check mysql_num_rows(mysql_query("SELECT * FROM `members` WHERE `username`=\"$u\""));

    if(
    $check==0) {

            
    $month $_POST['month'];
            
    $day $_POST['day'];
            
    $year $_POST['year'];
            
    $sign $_POST['sign'];
            
            
    $month htmlspecialchars($month);
            
    $day htmlspecialchars($day);
            
    $year htmlspecialchars($year);
            
    $sign htmlspecialchars($sign);
            
                 
    $date date("m/d/y");
                 
                
    // remove spaces
                // $uu = str_replace (" ", '$u', $uu);
                // echo $uu;
                // echo $u;
                // die;
                 
                     
    $insert mysql_query("INSERT INTO `members` (`country`, `address`, `phone`, `gender`, `age`, `date`, `dob`, `username`, `password`, `email`, `ref`, `ip` ) VALUES('$country', '$address', '$phone', '$g', '$a', '$date', '$month/$day/$year', \"$u\", \"$p\", \"$e\", \"$ref\", '$ip')");
    $msg mysql_query("INSERT INTO `messages` (`to`, `from`, `subject`, `message`, `status`, `date`) VALUES(\"$u\", 'admin', 'Welcome', '$mess', 'unread', '$date')");
    $rctpts mysql_query("INSERT INTO `recentpoints` (`message`) VALUES('$u just joined! Welcome!')");
                     
                     
                         
                            
    $_SESSION['Board'] = $u;
                             if (
    session_register('Board')) {
                                  print 
    "You have been registered. You are now able
                                  to access all of the features on this site.<p>
                                  <a href=\"index.php\">Click here to continue</a>"
    ;
                                  print 
    "";
                             }
                             else {
                                  print 
    "Cant set session!";
                             }
                    
        }
        else {
             print 
    "User already exists!";
        }
    }
    else {
         print 
    "All fields required!";
    }
    ?>
            </div></td>
          </tr>
          </table><br />         <div align="center"></div>
    </td>
         </tr>
       </table>
     </div>
    </td>
      </tr>
         <tr>
           <td colspan="2"><br />
           <? include ("footer.php"); ?></td>
         </tr>
    </table>


    </body>
    </html>
    Now how would i take the $ip and check the Members database and if it is already in there Echo "Only one account per IP!"

  • #2
    Regular Coder
    Join Date
    Jul 2011
    Posts
    272
    Thanks
    63
    Thanked 1 Time in 1 Post
    This was a LOT simpler then I thought.

    PHP Code:

    ...

    if(
    $u && $p && $e && $a && $g && $ip) {
    $check mysql_num_rows(mysql_query("SELECT * FROM `members` WHERE `username`=\"$u\""));
    $ipcheck mysql_num_rows(mysql_query("SELECT * FROM `members` WHERE `ip`=\"$ip\""));

    if(
    $ipcheck==0) {
    if(
    $check==0) {

    .... 
    and at the end..


    PHP Code:

    ....

               }
               else {
                 print 
    "Only one account per IP!";
               }
    }
    else {
         print 
    "All fields required!";
    }
    ?> 

  • #3
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,458
    Thanks
    76
    Thanked 4,373 Times in 4,338 Posts
    Ummm...and what will you do about members who signup who have companies such as AOL or Earthlink as their ISPs?

    Such companies (a) don't assign static IPs, so each time a user logs in to your site he/she may have a *different* IP and (b) any give IP address may be used by thousands or even hundreds of thousands of users.

    Even people such as myself, who have a unique IP address, may be serviced by a large company such as GoDaddy or Frontier which reserves the right to change their IP address at any time. (I know that occurred to me recently. A site to which I have special privileges locked me out because my IP address was changed by my host. Fortunately, I have a "back door" and was able to go change my credentials, else I'd have had to have asked the site manager to go in and manually change it for me.)

    In short, IP addresses are among the worst ways to identify your users.
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.

  • #4
    Regular Coder
    Join Date
    Jul 2011
    Posts
    272
    Thanks
    63
    Thanked 1 Time in 1 Post
    its just a way to stop signups with the same IP, thats all

  • #5
    Supreme Master coder! Old Pedant's Avatar
    Join Date
    Feb 2009
    Posts
    25,458
    Thanks
    76
    Thanked 4,373 Times in 4,338 Posts
    Obviously you didn't read what I wrote. What do you do if you have, say, two Earthlink customers who both want to sign up. And just by coincidence they get assigned the same IP address???

    One more time: An IP address can *NOT* be used to identify a single person. If you only have a dozen people on your site, you *might* be okay.
    An optimist sees the glass as half full.
    A pessimist sees the glass as half empty.
    A realist drinks it no matter how much there is.

  • #6
    Senior Coder
    Join Date
    Dec 2005
    Location
    Slovenia
    Posts
    1,963
    Thanks
    120
    Thanked 76 Times in 76 Posts
    Quote Originally Posted by Old Pedant View Post
    One more time: An IP address can *NOT* be used to identify a single person. If you only have a dozen people on your site, you *might* be okay.
    If they all have static ip & all only one person accessing your site per 1 ip. Close to impossible situation as Old Pedant said.
    Last edited by BubikolRamios; 10-11-2011 at 05:07 PM.
    Found a flower or bug and don't know what it is ?
    agrozoo.net galery
    if you don't spot search button at once, there is search form:
    agrozoo.net galery search


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •