1. 技术文章
  2. Encrypting user's IP address before storing it

Encrypting user's IP address before storing it

社会主义新天地 提交于 2019-12-05 17:11:23

Yes, this is fine, though your terminology is wrong: this is hashing, and hashing is not encryption.

You should also parse the X-FORWARDED-FOR and Client-IP headers unless you want to block everyone behind a proxy as if they were a single user (e.g. everyone at large companies, high schools, etc).

GDP

You might want to consider converting the IP to a number. A little quicker on the lookup because it's numeric data and you can use INET_ATON() and INET_NTOA() in your queries.

http://dev.mysql.com/doc/refman/5.5/en/miscellaneous-functions.html#function_inet-aton

mysql> SELECT INET_ATON('10.0.5.9');
        -> 167773449

http://dev.mysql.com/doc/refman/5.5/en/miscellaneous-functions.html#function_inet-ntoa

mysql> SELECT INET_NTOA(167773449);
        -> '10.0.5.9'

PHP to Convert to a number

$ipA = $_SERVER["REMOTE_ADDR"];
$octets = split ("\.", $ipA);
$ipN = ($octets[3] + $octets[2] * 256 + $octets[1] * pow(256,2) + $octets[0] * pow(256,3);

Also, you might want to consider the IP Address you're using with this function:

/* Get Actual IP Address, in spite of proxy server */
function getRealIpAddr() {
    if (!empty($_SERVER['HTTP_CLIENT_IP']))   //check ip from share internet
    {   $ip=$_SERVER['HTTP_CLIENT_IP']; }
    elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR']))   //to check ip is pass from proxy
    {   $ip=$_SERVER['HTTP_X_FORWARDED_FOR']; }
    else
    {   $ip=$_SERVER['REMOTE_ADDR']; }
    return $ip;
}

RE-Edit for IPv6:

Principles all still apply, but IPv6 Conversions already answered at How to convert IPv6 from binary for storage in MySQL

标签
php
mysql
ip
ipv6
ipv4
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!