Forum: Ruby on Rails Stealing users IP address

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Mohammad R. (Guest)
on 2006-04-27 06:49
Is there a functiaon to take the IP address of person who submits to a
form
example:
<input id="user_ip" name="user[ip]" type="hidden" value="<%=
some_ip_call %>" />
Wilson B. (Guest)
on 2006-04-27 06:54
(Received via mailing list)
On 4/26/06, Mohammad <removed_email_address@domain.invalid> wrote:
> Is there a functiaon to take the IP address of person who submits to a
> form
> example:
> <input id="user_ip" name="user[ip]" type="hidden" value="<%=
> some_ip_call %>" />
>

In your controller action, you can invoke:
request.remote_ip

You don't need a field on the form.
Mohammad R. (Guest)
on 2006-04-27 07:50
Wilson B. wrote:
> On 4/26/06, Mohammad <removed_email_address@domain.invalid> wrote:
>> Is there a functiaon to take the IP address of person who submits to a
>> form
>> example:
>> <input id="user_ip" name="user[ip]" type="hidden" value="<%=
>> some_ip_call %>" />
>>
>
> In your controller action, you can invoke:
> request.remote_ip
>
> You don't need a field on the form.
I got this error
undefined local variable or method `request' for
ApplicationController:Class
Robby R. (Guest)
on 2006-04-27 08:20
(Received via mailing list)
On Apr 26, 2006, at 8:50 PM, Mohammad wrote:

>> In your controller action, you can invoke:
>> request.remote_ip
>>
>> You don't need a field on the form.
> I got this error
> undefined local variable or method `request' for
> ApplicationController:Class


What version of Rails are you running?

Robby

Robby R.
Founder & Executive Director

PLANET ARGON, LLC
Ruby on Rails Development, Consulting & Hosting

www.planetargon.com
www.robbyonrails.com

+1 503 445 2457
+1 877 55 ARGON [toll free]
+1 815 642 4968 [fax]
Mohammad R. (Guest)
on 2006-04-27 08:26
Robby R. wrote:
> On Apr 26, 2006, at 8:50 PM, Mohammad wrote:
>
>>> In your controller action, you can invoke:
>>> request.remote_ip
>>>
>>> You don't need a field on the form.
>> I got this error
>> undefined local variable or method `request' for
>> ApplicationController:Class
>
>
> What version of Rails are you running?
>
> Robby
>
> Robby R.
> Founder & Executive Director
>
> PLANET ARGON, LLC
> Ruby on Rails Development, Consulting & Hosting
>
> www.planetargon.com
> www.robbyonrails.com
>
> +1 503 445 2457
> +1 877 55 ARGON [toll free]
> +1 815 642 4968 [fax]

Ruby version	1.8.4 (i386-mswin32)
RubyGems version	0.8.11
Rails version	1.1.2
Active Record version	1.14.2
Action Pack version	1.12.1
Action Web Service version	1.1.2
Action Mailer version	1.2.1
Active Support version	1.3.1
unknown (Guest)
on 2006-04-27 11:54
(Received via mailing list)
Just making sure you know... the IP address is a very unreliable piece
of information. It changes all the time for most users. AOL users have
a different IP address for every request, for example, and for dial-up
and most DSL users, it changes every time they connect. It can be
useful sometimes for trying to spot trends in usage, or, to an extent,
finding out where someone is from
Mohammad (Guest)
on 2006-04-27 16:02
unknown wrote:
> Just making sure you know... the IP address is a very unreliable piece
> of information. It changes all the time for most users. AOL users have
> a different IP address for every request, for example, and for dial-up
> and most DSL users, it changes every time they connect. It can be
> useful sometimes for trying to spot trends in usage, or, to an extent,
> finding out where someone is from

So is there an efficent way to ban someone from my site?
unknown (Guest)
on 2006-04-27 16:23
(Received via mailing list)
The best way I've found, although still reasonably easy to get around,
is to use a combination of a cookie and an IP address. If either is
matched to a banned list, they don't get in.

Also, depending on the nature of the site, it can be possible to have
fake site features for banned users to hide the fact that they have
been banned. It will fool some, believe me.

-Nathan
unknown (Guest)
on 2006-04-27 16:27
(Received via mailing list)
Oh, and just to clarify, the point of hiding from users that they've
been banned is so that they deliberately don't try to get around your
banning method.
Brian H. (Guest)
on 2006-04-27 17:15
(Received via mailing list)
Hey, I really like that idea :)
unknown (Guest)
on 2006-04-27 18:18
(Received via mailing list)
It's good isn't it. There are parts of my site which anyone can edit,
and I'm working out how to set it up so that when a blocked user edits
something, their changes come up for them once they submit (using
ajax) just as if they were a normal user. If they were to refresh the
page, however, they would notice that their changes haven't actually
had any effect at all. Cool, huh?
-Nathan
Jason S. (Guest)
on 2006-04-28 22:58
(Received via mailing list)
On 27/04/06 15:16 +0100, removed_email_address@domain.invalid wrote:
> It's good isn't it. There are parts of my site which anyone can edit,
> and I'm working out how to set it up so that when a blocked user edits
> something, their changes come up for them once they submit (using
> ajax) just as if they were a normal user. If they were to refresh the
> page, however, they would notice that their changes haven't actually
> had any effect at all. Cool, huh?
> -Nathan

That's a really neat idea. Sounds like a good candidate for a plugin or
generator.

Jason
Joe Van D. (Guest)
on 2006-04-28 23:23
(Received via mailing list)
On 4/26/06, Mohammad <removed_email_address@domain.invalid> wrote:
> > request.remote_ip
> >
> > You don't need a field on the form.
> I got this error
> undefined local variable or method `request' for
> ApplicationController:Class

Could you paste the function that you're using the request in?
This topic is locked and can not be replied to.