在存储之前加密用户的IP地址 [英] Encrypting user's IP address before storing it

问题描述

我正在使用 PHP 和 MySQL ，我想将用户的IP地址存储到数据库中以进行比较目的（例如，每个IP只允许一个标志到一个线程）。可以通过以下方式进行吗？

I'm using PHP and MySQL, and I want to store users' IP addresses into the database for comparison purposes (e.g. allowing only one flag to a thread per IP). Would it be okay to do it the following way?

用PHP检索：

$ipAddress = md5($_SERVER["REMOTE_ADDR"]);

然后将其作为 VARCHAR（32）保存到数据库中。

如果我不得不更全面地使用IP，我猜这不是正确的方法，但如果是的话只是为了确保相同的IP没有做两次，可以使用 md5 加密以简化操作（统一 IPv4 和将 IPv6 地址合并为一个）？

If I had to make a more comprehensive use of the IPs this wouldn't be the proper way to do it I guess, but if it's only to make sure that the same IP didn't do something twice would be okay to use the md5 encryption to simplify things (unifying IPv4 and IPv6 addresses into one)?

推荐答案

是的，这很好，虽然你的术语是错误的：这是散列，而散列不是加密。

Yes, this is fine, though your terminology is wrong: this is hashing, and hashing is not encryption.

您还应该解析 X-FORWARDED-FOR 和 Client-IP 标题，除非你想阻止代理人背后的每个人，就好像他们是一个用户一样（例如大公司，高中等所有人）。

You should also parse the X-FORWARDED-FOR and Client-IP headers unless you want to block everyone behind a proxy as if they were a single user (e.g. everyone at large companies, high schools, etc).

这篇关于在存储之前加密用户的IP地址的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！