X-Cart: shopping cart software
Page 1 of 10 1 23 > Last »
Show 40 posts from this thread on one page

X-Cart forums (https://forum.x-cart.com/index.php)
-   Dev Questions (https://forum.x-cart.com/forumdisplay.php?f=20)
-   -   Logging IP numbers (https://forum.x-cart.com/showthread.php?t=863)

Cefko 12-04-2002 01:30 AM
Logging IP numbers
 
Today I realized that X-cart doesn't log IPs at orders and registrations.

It would help to take out fake users and fake orders - made intentionally, especialy with the different payment options. It would also help with frauds.

Is this just my wish?

B00MER 12-04-2002 06:53 AM
Not too much trouble but...

First we alter the xcart_orders table and add a new field named 'ip'. I did this with phpMyAdmin. Simply copy paste the code snippet into the SQL query box.

Code:
ALTER TABLE `xcart_orders` ADD `ip` VARCHAR( 15 ) NOT NULL ;

Next we open include/func.php, locate the func_place_order(); function, in my 3.2.2pro code its on line 1017.

Code:
#
# Insert into orders
#
db_query("insert into $sql_tbl[orders] (login, total, subtotal, shipping_cost, shippingid, tax, discount, coupon, coupon_discount, date, status, payment_method, flag, details, title, firstname, lastname, company, b_address, b_city, b_state, b_country, b_zipcode, s_address, s_city, s_state, s_country, s_zipcode, phone, fax, email, url, ip) values ('".addslashes($userinfo["login"])."', '$current_order[total_cost]', '$current_order[sub_total]','$current_order[shipping_cost]', '$cart[shippingid]', '$current_order[tax_cost]', '$current_order[discount]', '".addslashes($current_order[coupon])."', '$current_order[coupon_discount]', '".time()."', '$order_status', '".addslashes($payment_method)."', 'N', '".addslashes(text_crypt($order_details))."', '".addslashes($userinfo["title"])."', '".addslashes($userinfo["firstname"])."', '".addslashes($userinfo["lastname"])."', '".addslashes($userinfo["company"])."', '".addslashes($userinfo["b_address"])."', '".addslashes($userinfo["b_city"])."', '".addslashes($userinfo["b_state"])."', '".addslashes($userinfo["b_country"])."', '".addslashes($userinfo["b_zipcode"])."', '".addslashes($userinfo["s_address"])."', '".addslashes($userinfo["s_city"])."', '".addslashes($userinfo["s_state"])."', '".addslashes($userinfo["s_country"])."', '".addslashes($userinfo["s_zipcode"])."', '".addslashes($userinfo["phone"])."', '".addslashes($userinfo["fax"])."', '$userinfo[email]', '".addslashes($userinfo["url"])."','$_SERVER[REMOTE_ADDR]')");

Replace the db_query(); with this one. Note the $_SERVER[REMOTE_ADDR] at the end of the query storing the users remote IP.

Now we want to be able to see the order data in the admin.

Edit [skin1]/main/order_info.tpl add the following where ever you want the IP of the order displayed, I put mine under the email.

Code:
<tr>
        <td valign="top">IP Address</td>
        <td valign="top">{ $order.ip }</td>
</tr>

Good luck!
Please make a donation if you find this useful. :wink:

Cefko 12-05-2002 01:41 AM
Actually I did that myself before I posted this topic,
but I thought it would be nice if this code would be included in standard
release - since it is very important tool in fight against frauds.

But thank you for the quick response, now I know to who I'll turn when I'll have problems :)

Cefko 12-05-2002 01:56 AM
Just one question, why would you define ip as varchar(64)?

As system is now, you need 4*3 places + 3 dots = 15 places max?

Cefko 12-05-2002 02:53 AM
Since Boomer posted some code, I think I should too..

To add IP's to customer registration, customer changing profile, and adding to newsletter from profile do following.

In SQL enter
Code:
ALTER TABLE `xcart_customers` ADD `ip` VARCHAR( 15 ) NOT NULL ;
ALTER TABLE `xcart_maillist` ADD `ip` VARCHAR( 15 ) NOT NULL ;

Then open INCLUDE/REGISTER.PHP and change (in red)

on line 112
Code:
db_query("delete from $sql_tbl[maillist] where email='$email'");
        if($newsletter=="on") db_query("insert into $sql_tbl[maillist] (email, since_date,ip) values ('$email',now(),'$_SERVER[REMOTE_ADDR]')");

on line 122

Code:
        db_query("update $sql_tbl[customers] set password='$crypted', password_hint='$password_hint', password_hint_answer='$password_hint_answer', title='$title', firstname='$firstname', lastname='$lastname', company='$company', b_address='$b_address', b_city='$b_city', b_state='$b_state', b_country='$b_country', b_zipcode='$b_zipcode', s_address='$s_address', s_city='$s_city', s_state='$s_state', s_country='$s_country', s_zipcode='$s_zipcode', phone='$phone', email='$email', fax='$fax', url='$url', card_name='$card_name', card_type='$card_type', card_number='".text_crypt($card_number)."', card_expire='$card_expire', card_cvv2='$card_cvv2', pending_membership='$pending_membership', ssn='$ssn', ip='$_SERVER[REMOTE_ADDR]' where login='$login' and usertype='$login_type'");

on line 155

Code:
        db_query("insert into $sql_tbl[customers] (login,usertype,membership,password,password_hint,password_hint_answer,title,firstname,lastname,company,b_address,b_city,b_state,b_country,b_zipcode,s_address,s_city,s_state,s_country,s_zipcode,phone,email,fax,url,card_name,card_type,card_number,card_expire,card_cvv2,first_login,status,referer,pending_membership,ssn,ip) values ('$uname','$usertype','$membership','$crypted','$password_hint','$password_hint_answer','$title','$firstname','$lastname','$company','$b_address','$b_city','$b_state','$b_country','$b_zipcode','$s_address','$s_city','$s_state','$s_country','$s_zipcode','$phone','$email','$fax','$url','$card_name','$card_type','".text_crypt($card_number)."','$card_expire','$card_cvv2','".time()."','Y','$RefererCookie','$pending_membership','$ssn','$_SERVER[REMOTE_ADDR]')");

For displaying IP in customer profile, you can add following in MAIN/REGISTER.TPL

Code:
{if $usertype eq "A" or $usertype eq "P"}
<tr valign=middle>
<td align=right>IP:</td>
<td></td>
<td nowrap>
{$userinfo.ip}
</td>
</tr>
{/if}
You can remove {if} if you want to show your customers, that you log IPs


I'll post code for capturing IP from 'Newsletter signup box' later.[/code]

Blind Freddy 01-08-2003 01:37 AM
Hi,

Could someone please tell me if it is possible to take the IP address of the clients who register, do a WHOIS lookup, and then store the country in which their ISP is located into an X-Cart field?

thanks,
Eric G.

B00MER 01-08-2003 09:50 AM
Something like this would need to be implemented before this could happen:

:arrow: http://phpwhois.org

hth. :wink:

jpsowin 01-31-2003 01:10 PM
That would only work if they had a top-level domain name as their IP, which would be virutally no one. You can't do a WHOIS lookup for a regular IP.. a traceroute would be more the way to go.

Blind Freddy 01-31-2003 01:35 PM
Detection of geographical location of a user by the IP number of their ISP connection is now possible.

Have a look at www.geobytes.com

Have a look at the Flash animation.

The the possibilities are amazing!!

Regards,
Eric.

jpsowin 01-31-2003 04:29 PM
Yes, it's been available for a long time... but a WHOIS won't do it ;)
I've used http://visualroute.visualware.com for years.


All times are GMT -8. The time now is 12:13 PM.
Page 1 of 10 1 23 > Last »
Show 40 posts from this thread on one page

Powered by vBulletin Version 3.5.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.