Hello all, remember my website? well i need some more help some people have been abusing the contact us form on the site unfortunately so i need a way (in php) to be able to obtain the IP Address of someone sending in a contact us, and the possibility to disallow that IP to "Contact Us" via the form Any ideas?

EDIT: Here is the PHP Code:

code:

---

<?php

// get posted data into local variables
$EmailFrom = Trim(stripslashes($_POST['EmailFrom']));
$EmailTo = "admin@haboz.net";
$Subject = "Contact Us";
$Name = Trim(stripslashes($_POST['HabboName']));
$Query = Trim(stripslashes($_POST['Query']));

// validation
$validationOK=true;
if (Trim($EmailFrom)=="") $validationOK=false;
if (!$validationOK) {
  print "<meta http-equiv=\"refresh\" content=\"0;URL=http://www.haboz.net/v6/contact_us_error.php>";
  exit;
}

// prepare email body text
$Body = "";
$Body .= "Habbo Name: ";
$Body .= $Name;
$Body .= "\n";
$Body .= "Query: ";
$Body .= $Query;
$Body .= "\n";

// send email
$success = mail($EmailTo, $Subject, $Body, "From: <$EmailFrom>");

// redirect to success page
if ($success){
  print "<meta http-equiv=\"refresh\" content=\"0;URL=http://www.haboz.net/v6/contact_us_ok.php>";
}
else{
  print "<meta http-equiv=\"refresh\" content=\"0;URL=http://www.haboz.net/v6/contact_us_error.php>";
}
?>

---

code:

---

$ip = $_SERVER[REMOTE_ADDR];//Add this in your message

---

code:

---

$spammers = array(
                'IP 1',
                'IP 2',
                'IP 2'
                );
for($i=0;$i<sizeof($spammers);$i++) {
            if(strpos($ip, $spammers[$i])!==false) {
                //Display you are a spammer and are not allowed to view this page
            }
        }

---

So like this

code:

---

<?php

// get posted data into local variables
$EmailFrom = Trim(stripslashes($_POST['EmailFrom']));
$EmailTo = "admin@haboz.net";
$Subject = "Contact Us";
$Name = Trim(stripslashes($_POST['HabboName']));
$Query = Trim(stripslashes($_POST['Query']));
$ip = $_SERVER[REMOTE_ADDR];

// validation
$validationOK=true;$ip =
if (Trim($EmailFrom)=="") $validationOK=false;
if (!$validationOK) {
  print "<meta http-equiv=\"refresh\" content=\"0;URL=http://www.haboz.net/v6/contact_us_error.php>";
  exit;
}

// prepare email body text
$Body = "";
$Body .= "Habbo Name: ";
$Body .= $Name;
$Body .= "\n";
$Body .= "Query: ";
$Body .= $Query;
$Body .= "\n";


// send email
$success = mail($EmailTo, $Subject, $Body, "From: <$EmailFrom>");

// redirect to success page
if ($success){
  print "<meta http-equiv=\"refresh\" content=\"0;URL=http://www.haboz.net/v6/contact_us_ok.php>";
}
else{
  print "<meta http-equiv=\"refresh\" content=\"0;URL=http://www.haboz.net/v6/contact_us_error.php>";
}
$spammers = array(
'IP 1',
'IP 2',
'IP 2'
    );
for($i=0;$i<sizeof($spammers);$i++) {
if(strpos($ip, $spammers[$i])!==false) {
//Display you are a spammer and are not allowed to view this page
}
}
?>

---

You didn't get me right
For the php

code:

---

<?php
// get posted data into local variables
$EmailFrom = Trim(stripslashes($_POST['EmailFrom']));
$EmailTo = "admin@haboz.net";
$Subject = "Contact Us";
$Name = Trim(stripslashes($_POST['HabboName']));
$Query = Trim(stripslashes($_POST['Query']));
$Ip = $_SERVER[REMOTE_ADDR];

$spammers = array(
'IP 1',
'IP 2',
'IP 2'
    );
for($i=0;$i<sizeof($spammers);$i++) {
if(strpos($ip, $spammers[$i])!==false) {
    header('Location: contact_us_spammer.php');
}
}

// validation
$validationOK=true;
if (Trim($EmailFrom)=="") $validationOK=false;
if (!$validationOK) {
  header('Location: contact_us_error.php'); 
}

// prepare email body text
$Body = "";
$Body .= "Habbo Name: ";
$Body .= $Name;
$Body .= "\n";
$Body .= "IP: ";
$Body .= $Ip;
$Body .= "\n";
$Body .= "Query: ";
$Body .= $Query;
$Body .= "\n";

// send email
$success = mail($EmailTo, $Subject, $Body, "From: <$EmailFrom>");

// redirect to success page
if ($success){
  header('Location: contact_us_ok.php');
}
else{
  header('Location: contact_us_error.php');
}
?>

---

underneath

code:

---

//Display you are a spammer and are not allowed to view this page

---

code:

---

header('Location: http://yoursite.com/bannage.html');

---

Felu: Bad idea relying on the form like that. It would be extremely easy for a spammer to fake his IP address.

quote:

---

Originally posted by WDZ
Felu: Bad idea relying on the form like that. It would be extremely easy for a spammer to fake his IP address.

---

quote:

---

Originally posted by Eddie
to be able to obtain the IP Address of someone sending in a contact us, and the possibility to disallow that IP to "Contact Us" via the form

---

By "relying on the form," I mean passing the IP address via the form using that hidden field. It would be much easier and safer to use $_SERVER['REMOTE_ADDR'] in the script, and don't change the form at all.

ok me and felu sorted out the form and deleted stuff we changed, heres the php code now:

code:

---

<?php
// get posted data into local variables
$EmailFrom = Trim(stripslashes($_POST['EmailFrom']));
$EmailTo = "admin@haboz.net";
$Subject = "Contact Us";
$Name = Trim(stripslashes($_POST['HabboName']));
$Query = Trim(stripslashes($_POST['Query']));
$Ip = $_SERVER[REMOTE_ADDR];

$spammers = array('banned ip here (felus was here)');
for($i=0;$i<sizeof($spammers);$i++) {
if(strpos($ip, $spammers[$i])!==false) {
header('Location: contact_us_ban.php');
}
}
// validation
$validationOK=true;
if (Trim($EmailFrom)=="") $validationOK=false;
if (!$validationOK) {
  header('Location: contact_us_error.php'); 
}
// prepare email body text
$Body = "";
$Body .= "Habbo Name: ";
$Body .= $Name;
$Body .= "\n";
$Body .= "IP: ";
$Body .= $Ip;
$Body .= "\n";
$Body .= "Query: ";
$Body .= $Query;
$Body .= "\n";

// send email
$success = mail($EmailTo, $Subject, $Body, "From: <$EmailFrom>");
// redirect to success page
if ($success){
  header('Location: contact_us_ok.php');
}
else{
  header('Location: contact_us_error.php');
}
?>

---