Getting visitors IP and send to me via email

[sss_1234]

Hello all,

I currently use php to send me an email when someone fills out an enquiry form on my website.

I want to also receive the users IP address in this email.

I did some research and found that I should be using:

PHP Code:

$_SERVER['HTTP_X_FORWARDED_FOR']; 


I am having some difficulty adding this to my current php script that send s the email.

Here is the code I have tried:

PHP Code:

<?php
$to      = "XXX@XXX.com";
$subject = "Customer Contact";
$body = htmlentities($_POST["name"]);
$body .= "\n";
$body .= htmlentities($_POST["number"]);
$body .= "\n";
$body .= $_SERVER["HTTP_X_FORWARDED_FOR"];
$email = "XXX@XXX.com";

$headers = "From: $email";
mail($to, $subject, $body, $headers);
echo "";
die();
?>

Can anyone point me in the right direction from here?

Any help is much appreciated.

Kind regards Mike

[NogDog]

X_FORWARDED_FOR will only be received if (a) the request is going through a proxy server, (b) the proxy server "chooses" to send it (and even then there is no guarantee it is being truthful, so to speak), and (c) your web server decides to forward it to the PHP process. (It may also be used by some load-balancing systems.) You may want to test if it is empty or not, and then try other options:

PHP Code:

$userIpAddress = (!empty($_SERVER['HTTP_X_FORWARDED_FOR']))
   ? $_SERVER['HTTP_X_FORWARDED_FOR']
   : (!empty($_SERVER['REMOTE_ADDR']))
      ? $_SERVER['REMOTE_ADDR']
      : '[unknown IP]'
; 


[sss_1234]

Hi nogdog,

Thanks very much for your rapid response.

Your code worked perfectly!

Thanks again

Kind regards, Mike

[buradd]

X_FORWARDED_FOR will only be received if (a) the request is going through a proxy server, (b) the proxy server "chooses" to send it (and even then there is no guarantee it is being truthful, so to speak), and (c) your web server decides to forward it to the PHP process. (It may also be used by some load-balancing systems.) You may want to test if it is empty or not, and then try other options:

PHP Code:

$userIpAddress = (!empty($_SERVER['HTTP_X_FORWARDED_FOR']))
   ? $_SERVER['HTTP_X_FORWARDED_FOR']
   : (!empty($_SERVER['REMOTE_ADDR']))
      ? $_SERVER['REMOTE_ADDR']
      : '[unknown IP]'
; 


hello NogDog, I hope you are still around this thread.. i used your code here in order to get my php contact form to attach the senders IP to the body of the email.. i got it working in a way that replaced the sender all together with the name of my apache account @ my domain, but it DID put the remote IP (tested on cell networks) in the body, and also left the subject and body text in there...

however i cant seem to figure out how to get it to still show the email address that the user types into the contact form.. i can get it to show all the info inputted into the forms and no IP, or I can get the subject and body to print with an IP but the from@email seems to get stuck on the webserver itself, some kind of conflict im not good enough to figure it out

heres what i got going on, this is what makes it put the IP on the body but replaces the FROM name/email:

Code:

<?php
  // Change this to YOUR address
  $recipient = 'xxx@xxx.com';
  $email = $_POST['email'];
  $realName = $_POST['realname'];
  $subject = $_POST['subject'];
  $body = $_POST['body'];
  $userIpAddress = (!empty($_SERVER['HTTP_X_FORWARDED_FOR']))
   ? $_SERVER['HTTP_X_FORWARDED_FOR']
   : (!empty($_SERVER['REMOTE_ADDR']))
      ? $_SERVER['REMOTE_ADDR']
      : '[unknown IP]'
;
# We'll make a list of error messages in an array
  $messages = array();
# Allow only reasonable email addresses
if (!preg_match("/^[\w\+\-.~]+\@[\-\w\.\!]+$/", $email)) {
$messages[] = "That is not a valid email address.";
}
# Allow only reasonable real names
if (!preg_match("/^[\w\ \+\-\'\"]+$/", $realName)) {
$messages[] = "The real name field must contain only " .
"alphabetical characters, numbers, spaces, and " .
"reasonable punctuation. We apologize for any inconvenience.";
}
# CAREFUL: don't allow hackers to sneak line breaks and additional
# headers into the message and trick us into spamming for them!
$subject = preg_replace('/\s+/', ' ', $subject);
# Make sure the subject isn't blank afterwards!
if (preg_match('/^\s*$/', $subject)) {
$messages[] = "Please specify a subject for your message.";
}

$body = $_POST['body'];
# Make sure the message has a body
if (preg_match('/^\s*$/', $body)) {
$messages[] = "Your message was blank. Did you mean to say " .
"something?";
}
  if (count($messages)) {
    # There were problems, so tell the user and
    # don't send the message yet
    foreach ($messages as $message) {
      echo("<p>$message</p>\n");
    }
    echo("<p>Click the back button and correct the problems. " .
      "Then click Send Your Message again.</p>");
  } else {
    # Send the email - we're done
mail($recipient,
      $subject,
      $body,
      $userIpAddress,
      "From: $realName <$email>\r\n" .
      "Reply-To: $realName <$email>\r\n");
  }
?>

[buradd]

I was able to put a second mail string right after that just mails $receipient, $subject, $userIpAddress and the from email and real name, so its basically the same as the first just replacing the $body.. this sends me two emails obviously, one with all the form data the user fills out, and another with just the senders email and name and the IP in the body.. this is an acceptable bandaid for now but I really just want to receive one email that includes everything the user typed and then their IP stamped at the bottom of the body.. I don't know much about php but I have tried so many different combos I need clarification on this code please