Forum: Ruby on Rails Stealing users IP address

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
3324a49b1605f0e2df7676ff64f5e712?d=identicon&s=25 Mohammad Ruby (mohammad)
on 2006-04-27 04:49
Is there a functiaon to take the IP address of person who submits to a
form
example:
<input id="user_ip" name="user[ip]" type="hidden" value="<%=
some_ip_call %>" />
25e11a00a89683f7e01e425a1a6e305c?d=identicon&s=25 Wilson Bilkovich (Guest)
on 2006-04-27 04:54
(Received via mailing list)
On 4/26/06, Mohammad <name.goes.here44@gmail.com> wrote:
> Is there a functiaon to take the IP address of person who submits to a
> form
> example:
> <input id="user_ip" name="user[ip]" type="hidden" value="<%=
> some_ip_call %>" />
>

In your controller action, you can invoke:
request.remote_ip

You don't need a field on the form.
3324a49b1605f0e2df7676ff64f5e712?d=identicon&s=25 Mohammad Ruby (mohammad)
on 2006-04-27 05:50
Wilson Bilkovich wrote:
> On 4/26/06, Mohammad <name.goes.here44@gmail.com> wrote:
>> Is there a functiaon to take the IP address of person who submits to a
>> form
>> example:
>> <input id="user_ip" name="user[ip]" type="hidden" value="<%=
>> some_ip_call %>" />
>>
>
> In your controller action, you can invoke:
> request.remote_ip
>
> You don't need a field on the form.
I got this error
undefined local variable or method `request' for
ApplicationController:Class
B84d42a3a5c343f8fc6ab7d7f47fd3f5?d=identicon&s=25 Robby Russell (Guest)
on 2006-04-27 06:20
(Received via mailing list)
On Apr 26, 2006, at 8:50 PM, Mohammad wrote:

>> In your controller action, you can invoke:
>> request.remote_ip
>>
>> You don't need a field on the form.
> I got this error
> undefined local variable or method `request' for
> ApplicationController:Class


What version of Rails are you running?

Robby

Robby Russell
Founder & Executive Director

PLANET ARGON, LLC
Ruby on Rails Development, Consulting & Hosting

www.planetargon.com
www.robbyonrails.com

+1 503 445 2457
+1 877 55 ARGON [toll free]
+1 815 642 4968 [fax]
3324a49b1605f0e2df7676ff64f5e712?d=identicon&s=25 Mohammad Ruby (mohammad)
on 2006-04-27 06:26
Robby Russell wrote:
> On Apr 26, 2006, at 8:50 PM, Mohammad wrote:
>
>>> In your controller action, you can invoke:
>>> request.remote_ip
>>>
>>> You don't need a field on the form.
>> I got this error
>> undefined local variable or method `request' for
>> ApplicationController:Class
>
>
> What version of Rails are you running?
>
> Robby
>
> Robby Russell
> Founder & Executive Director
>
> PLANET ARGON, LLC
> Ruby on Rails Development, Consulting & Hosting
>
> www.planetargon.com
> www.robbyonrails.com
>
> +1 503 445 2457
> +1 877 55 ARGON [toll free]
> +1 815 642 4968 [fax]

Ruby version	1.8.4 (i386-mswin32)
RubyGems version	0.8.11
Rails version	1.1.2
Active Record version	1.14.2
Action Pack version	1.12.1
Action Web Service version	1.1.2
Action Mailer version	1.2.1
Active Support version	1.3.1
D5145c421cd25af6fa577c15219add90?d=identicon&s=25 unknown (Guest)
on 2006-04-27 09:54
(Received via mailing list)
Just making sure you know... the IP address is a very unreliable piece
of information. It changes all the time for most users. AOL users have
a different IP address for every request, for example, and for dial-up
and most DSL users, it changes every time they connect. It can be
useful sometimes for trying to spot trends in usage, or, to an extent,
finding out where someone is from
0a36dd2d45a8cead5dcfd27a9346f620?d=identicon&s=25 Mohammad (Guest)
on 2006-04-27 14:02
unknown wrote:
> Just making sure you know... the IP address is a very unreliable piece
> of information. It changes all the time for most users. AOL users have
> a different IP address for every request, for example, and for dial-up
> and most DSL users, it changes every time they connect. It can be
> useful sometimes for trying to spot trends in usage, or, to an extent,
> finding out where someone is from

So is there an efficent way to ban someone from my site?
D5145c421cd25af6fa577c15219add90?d=identicon&s=25 unknown (Guest)
on 2006-04-27 14:23
(Received via mailing list)
The best way I've found, although still reasonably easy to get around,
is to use a combination of a cookie and an IP address. If either is
matched to a banned list, they don't get in.

Also, depending on the nature of the site, it can be possible to have
fake site features for banned users to hide the fact that they have
been banned. It will fool some, believe me.

-Nathan
D5145c421cd25af6fa577c15219add90?d=identicon&s=25 unknown (Guest)
on 2006-04-27 14:27
(Received via mailing list)
Oh, and just to clarify, the point of hiding from users that they've
been banned is so that they deliberately don't try to get around your
banning method.
6ef8cb7cd7cd58077f0b57e4fa49a969?d=identicon&s=25 Brian Hogan (Guest)
on 2006-04-27 15:15
(Received via mailing list)
Hey, I really like that idea :)
D5145c421cd25af6fa577c15219add90?d=identicon&s=25 unknown (Guest)
on 2006-04-27 16:18
(Received via mailing list)
It's good isn't it. There are parts of my site which anyone can edit,
and I'm working out how to set it up so that when a blocked user edits
something, their changes come up for them once they submit (using
ajax) just as if they were a normal user. If they were to refresh the
page, however, they would notice that their changes haven't actually
had any effect at all. Cool, huh?
-Nathan
6372e690497a80453a1d3d120d8b8818?d=identicon&s=25 Jason Stewart (Guest)
on 2006-04-28 20:58
(Received via mailing list)
On 27/04/06 15:16 +0100, njmacinnes@gmail.com wrote:
> It's good isn't it. There are parts of my site which anyone can edit,
> and I'm working out how to set it up so that when a blocked user edits
> something, their changes come up for them once they submit (using
> ajax) just as if they were a normal user. If they were to refresh the
> page, however, they would notice that their changes haven't actually
> had any effect at all. Cool, huh?
> -Nathan

That's a really neat idea. Sounds like a good candidate for a plugin or
generator.

Jason
38a8230ed3d5c685558b4f0aad3fc74b?d=identicon&s=25 Joe Van Dyk (Guest)
on 2006-04-28 21:23
(Received via mailing list)
On 4/26/06, Mohammad <name.goes.here44@gmail.com> wrote:
> > request.remote_ip
> >
> > You don't need a field on the form.
> I got this error
> undefined local variable or method `request' for
> ApplicationController:Class

Could you paste the function that you're using the request in?
This topic is locked and can not be replied to.