每次获取不同的IP
我正在为 Facebook 粉丝页面创建一个民意调查脚本:
http: //www.facebook.com/apps/application.php?id=115400635147687&v=app_115400635147687
我正在使用以下方式获取IP:
$_SERVER['REMOTE_ADDR']
但问题是每次我刷新页面或进行ajax调用时, IP每次都变。有人告诉我 Facebook 有很多 IP、代理。
基本上我需要将IP保存在数据库中,这样一旦某个IP的用户投票了,他就不能再这样做了。
有什么解决方案或替代方案吗?
I am creating a poll script for a facebook fan page:
http://www.facebook.com/apps/application.php?id=115400635147687&v=app_115400635147687
I am getting the IP using:
$_SERVER['REMOTE_ADDR']
But the problem is that each time I refresh the page, or make an ajax call, the IP is changed everytime. Someone told me that facebook has many IPs, proxies.
Basically I need to save the IP in database, so that once a user from certain IP has voted, he should not be able to do so again.
What is the solution or alternative to this??
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
通过 IP 阻止并不是真正可靠的做法(需要考虑共享同一公共 IP 的人)。既然是 Facebook 应用程序,难道就不能通过登录的 Facebook 帐户来屏蔽吗?
Blocking by IP is not really a reliable way of doing things (need to consider about people sharing the same public IP). Since it is a Facebook application, can't you instead block by the logged on Facebook account instead?
我假设链接页面顶部的 IP 就是您正在处理的 IP。如果我们进行 whois:
我们会发现这些 IP 属于 Facebook 的服务器,而不是您的用户。
如果我理解正确的话,当有人从您的应用程序请求页面时,Facebook 的服务器会代表他们向您请求该页面。在这种情况下,您将无法获取用户的 IP。
I assume the IP at the top of the linked page is what you're dealing with. If we do a whois:
We find that those IPs belong to Facebook's servers, not to your users.
If I understand what's happening correctly, when someone requests a page from your application, Facebook's servers request it from you on their behalf. In that case, you simply won't be able to get your users' IPs.
请注意,在 Facebook 中开发粉丝页面时,Facebook 服务器本质上充当代理。也就是说,用户的浏览器向 Facebook 请求该页面,然后 Facebook 的服务器向您的网站发出请求以获取内容。然后 Facebook 服务器重写所有链接和 Javascript,以便任何回调首先通过 Facebook 服务器。
最后,这意味着您将永远在您的服务器上看到用户的“实际”IP 地址:您只能看到 Facebook 的 IP 地址。
据我了解,这样做是出于隐私原因。也就是说,用户必须明确允许您的应用程序访问他们的个人资料,然后您才能获取有关他们的任何“可识别”信息。
Note that when developing a fan page in Facebook, the Facebook servers essentially act as a proxy. That is, the user's browser asks Facebook for the page, then Facebook's servers make a request to your website to get the content. The Facebook server then rewrites all links and Javascript so that it any callbacks go through the Facebook servers first.
In the end, that means that you'll never see the user's "actual" IP address on your server: you'll only ever see Facebook's IP addresses.
This is done for privacy reasons, as I understand it. That is, the user will have to explicitly allow your application to access their profile before you will be able to get any "identifiable" information about them.
我终于找到了完美的解决方案。基本上,当你执行 ajax post 时,你可以使用以下方法获取用户的 id:
I found the perfect solution finally. Basically when you do ajax post, you can get the user's id using: