dougmcc1 - 5:03 am on Dec 17, 2008 (gmt 0)

Thanks for the reply, Jim.

I thought it was really strange, too. I don't know if it makes any difference but I assume they're using a bot to send requests to my registration script rather than actually visiting my website through a browser.

I added some PHP code to collect their IP address and then I banned all users who don't have an IP which essentially are just the few spammer registrations.

But now they started signing up with IP addresses so I added functionality to allow me to ban the IP addresses they're using.

Anyway, whether they do or dont have an IP I should be able to control their access now. Still, it is kind of wierd that the script wasn't capturing their IP. Here's the script:

function getRealIpAddr() { if (!empty($_SERVER['HTTP_CLIENT_IP'])) //check ip from share internet { $ip=$_SERVER['HTTP_CLIENT_IP']; } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) //to check ip is pass from proxy { $ip=$_SERVER['HTTP_X_FORWARDED_FOR']; } else { $ip=$_SERVER['REMOTE_ADDR']; } return $ip; }

Thanks again.

[edited by: jatar_k at 4:06 pm (utc) on Dec. 17, 2008]
[edit reason] added code [/edit]