Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 13 of 13
  1. #1
    New to the CF scene
    Join Date
    Sep 2002
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Programmer, need IP script!

    Hi,

    I'm looking for a script that will do this:

    All IP addresses will be excluded from viewing a certain group of web-pages.

    However, when somebody makes a purchase from a visible page, they are redirected to a page where their IP address gets logged, and then they are automatically able to view all of the restricted pages at the site...all of the sudden the once restricted pages will pop-up on their computer.

    If they want a refund, I can manually open up the script, and delete their IP address from being included, then upload the page.


    Perhaps PHP? ASP?

  • #2
    Super Moderator
    Join Date
    May 2002
    Location
    Perth Australia
    Posts
    4,040
    Thanks
    10
    Thanked 92 Times in 90 Posts
    Do you want your site to remember these people for next time ? , if so you need to look at something more reliable than the IP address which will change for manyusers on a daily basis.

    If its a one-shot thing then <?$ip=$_SERVER[PHP_SELF];?> will grab the IP for you.

    I would recommend looking at sessions and/or a user/pass scheme to be really sure, again it depends what you are doing and why.
    resistance is...

    MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)

  • #3
    New to the CF scene
    Join Date
    Sep 2002
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts

    hmm

    I was just thinking of a cheap and uncomplicated way to have a subscription based section of a website...one that didn't require a username and password, but instead would remember their IP address

  • #4
    Regular Coder
    Join Date
    Jun 2002
    Location
    NL
    Posts
    421
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Millions of dial-up users don't have their own IP number. It's different every time they surf the web.
    Also, when someone subscribes to your site while at work, he/she wouldn't be able to log in from home.

  • #5
    New Coder
    Join Date
    Sep 2002
    Location
    Up North (UK)
    Posts
    46
    Thanks
    0
    Thanked 0 Times in 0 Posts
    JGjg,

    Cookies are the answer. If the user registers on your site write a cookie to their machine. You can record the value written to the machine and hence track which user is trying to access your site and permit those.

    If the user doesn't have a cookie or the value isn't know by your site then your don't display the page.

  • #6
    Super Moderator
    Join Date
    May 2002
    Location
    Perth Australia
    Posts
    4,040
    Thanks
    10
    Thanked 92 Times in 90 Posts
    but not everyone will have cookies enabled (though most will) and cookies can be spoofed, which is why most subscription based sites use some type of server-side validation.
    resistance is...

    MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)

  • #7
    New to the CF scene
    Join Date
    Sep 2002
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts

    ahh

    I should probably learn more about cookies and IP addresses.

    The system I have in mind wouldn't need to be super crypto.

    Maybe it could include a range of IP for the dial-ups and offer the option of registering 2 locations.

    It's just an idea...I was getting sick of looking for passwords to cut and paste for some reg sites.


    -JG

  • #8
    New Coder
    Join Date
    Sep 2002
    Location
    Up North (UK)
    Posts
    46
    Thanks
    0
    Thanked 0 Times in 0 Posts
    cookies can be spoofed
    Agreed, but if the server maintains a database of valid cookie values and the range of possible values is sufficiently large, then the likelyhood of being to stumble over another valid one is very remote.

  • #9
    Senior Coder
    Join Date
    Jun 2002
    Location
    41 8' 52" N -95 53' 31" W
    Posts
    3,660
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Cookies are still not the answer since someone that registers for your site at work, and then tries to access it from another computer will not have the cookie on the latter computer.

    You absolutely cannot depend on IP addresses or cookies. IP addresses will probably change each time a dialup user logs on to the internet, and they may even change regularly with a high-speed cable or dsl user depending on their provider.

    And regarding cookies, the client may not even have them enabled.

    First of all you should understand the difference between client-side (what only is available on an individual user's computer, like a cookie or javascript) and server-side (which allows you to save information on a server to a database or a text file, independent of clients).

    What you need to do is save their login information to a database (or at the very least, a text file - but learning databases is better and easier, since that's what they are for), and check the database when they login. It's one of the first things you should learn when you are doing this kind of thing.

    If I were you I'd go through some relational database tutorials (they are not very hard), and go from there.

    Check out http://hotwired.lycos.com/webmonkey/backend/databases/

    The very first tutorial there, "Rugged ASP" is the best introductory relational database tutorial I'm aware of. And even though it's in ASP, the whole concept of relational databases applies to every server-side language.

    Last edited by whammy; 11-10-2002 at 06:36 PM.
    Former ASP Forum Moderator - I'm back!

    If you can teach yourself how to learn, you can learn anything. ;)

  • #10
    New Coder
    Join Date
    Sep 2002
    Posts
    60
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Cookies are part of the answer!

    Hi whammy,

    I have to disagree - Cookies are the answer to this sort of problem - well at least in part.

    As you rightly say - they're not the full answer. They are most useful where you have some user identifying information for a site where you don't want to bother the user with logging on each time - but you have to provide another mechanism where the user may log on from more than one computer.

    IP address is pretty useless. Not only does it change on most dialups, but to try to use it to identify an individual is futile - someone buys something from the site at an "internet cafe" - the static IP is captured and then anyone else who goes there is recognised as that person?

    No - just look at the way this forum works round the problem - cookies stop you from having to log by username and password on every visit, but the facility is there to do so on a new computer. You have the option to turn on or off cookie usage so that your cookie is not stored where you don't want it, or if you're just a paraniod who believes cookies are just evil.

    You have to go for a combination of approaches like this to achieve anything which will be of any use.

  • #11
    Senior Coder
    Join Date
    Jun 2002
    Location
    41 8' 52" N -95 53' 31" W
    Posts
    3,660
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I didn't say not to use cookies to remember visitors - but without a login database they are practically useless if you want to know if someone has subscribed to your website.

    'Cause anytime they deleted their cookies, they'd either have to resubscribe or contact the webmaster, and that would get annoying to them (and you) rather quickly.
    Former ASP Forum Moderator - I'm back!

    If you can teach yourself how to learn, you can learn anything. ;)

  • #12
    New Coder
    Join Date
    Sep 2002
    Posts
    60
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Hmmm...isn't that what I said?

    Hey Whammy - lighten up! Is it that time of the month again - or are you normally like this?

    I lol when you suggested fivesidecube read a tutorial about server side things - I think you'd probably find he knows rather a lot about the subject...if you'd bothered to ask rather than disparage!

  • #13
    Senior Coder
    Join Date
    Jun 2002
    Location
    41 8' 52" N -95 53' 31" W
    Posts
    3,660
    Thanks
    0
    Thanked 0 Times in 0 Posts
    You're right, he probably does - I read the post as if he was replying to the original poster... my bad there. :|

    I'm just trying to convince the original poster that a database (in conjunction with cookies is fine) MUST be used (and not IP addresses), in order to log someone into a website if you're going to have people register online.

    As for you saying "Isn't that what I just said?" You pretty much said in your first post what I had said in my previous post as well.
    Last edited by whammy; 11-10-2002 at 04:36 AM.
    Former ASP Forum Moderator - I'm back!

    If you can teach yourself how to learn, you can learn anything. ;)


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •