Comments on: Get Site Visitor Information With PHP

By: Cody Taylor

Cody Taylor — Sun, 07 Jun 2009 18:15:59 +0000

Ahh. Good call about the sql injection. Didn’t even think about that. In production code I always make $_POST and $_GET safe but I don’t think I’ve ever made sure that the user agent is safe. I’m gonna have to go patch a few older projects.

By: Ihab Khattab

Ihab Khattab — Sun, 07 Jun 2009 18:14:48 +0000

sorry I mean nasty stuff about other attacks not about output you already show a good stuff

sorry again

By: Ihab Khattab

Ihab Khattab — Sun, 07 Jun 2009 18:12:41 +0000

Nice article

Please note that user can manipulate their user agents there is already Firefox add-one for that and a lot of other ways to other browsers

so you shouldn’t store it directly, you should consider if someone gonna make an SQL injection also you should consider escaping output to prevent XSS as you already outputting this and other nasty stuff

Thanks

By: Cody Taylor

Cody Taylor — Sun, 07 Jun 2009 14:23:24 +0000

I was thinking about writing some automated geolocation stuff. What would you like to see?

By: ellisgl

ellisgl — Sun, 07 Jun 2009 04:35:02 +0000

Just wondering if you are going to expand this to get other information about the vistor?

By: Cody Taylor

Cody Taylor — Sun, 07 Jun 2009 03:20:43 +0000

Good Advice

By: Chris

Chris — Sun, 07 Jun 2009 03:10:16 +0000

Note that $_SERVER['HTTP_REFERER'] will not be set if the browser did not pass this information along. If you are coding an error reporting level that includes notices it will show an error message if you access this value and it’s not set. So you’ll want to use something like isset() to check the array variable is set.