Posted by Steve on 08/18/07 22:20

here's a straight-forward method to begin with. any other issues raised can
be answered easily with a little investigation and modification to this
general approach. the best you can do is find the issuing isp. most of the
time, the user of the ip is very near the issuer.

hih,

me

==================

<?
class isp
{
public $address = '';
public $city = '';
public $clientIp = '';
public $country = '';
public $email = '';
public $name = '';
public $phone = '';
public $state = '';
public $zip = '';

private function __clone(){}

public function __construct($ip = '')
{
if (!$ip)
{
if (!$ip = $_SERVER['HTTP_CLIENT_IP'])
{
if (!$ip = $_SERVER['HTTP_X_FORWARDED_FOR'])
{
if (!$ip = $_SERVER['REMOTE_ADDR']){ $ip = ''; }
}
}
}
$this->clientIp = $ip;
$query =
file_get_contents("http://ws.arin.net/cgi-bin/whois.pl?queryinput=$ip");
if (strstr($query, "No match")){ return; }
$this->name = $this->getSegment('OrgName:', $query);
if ($isp->isp == '')
{
$href = preg_match('/HREF="([^"]*)"/', $query, $uri);
$href = 'http://ws.arin.net' . $uri[1];
$query = file_get_contents($href);
}

$this->address = strtoupper($this->getSegment('Address:' ,
$query));
$this->city = strtoupper($this->getSegment('City:' ,
$query));
$this->country = strtoupper($this->getSegment('Country:' ,
$query));
$this->email = strtolower($this->getSegment('OrgAbuseEmail:' ,
$query));
$this->name = strtoupper($this->getSegment('OrgName:' ,
$query));
$this->phone = strtoupper($this->getSegment('OrgAbusePhone:' ,
$query));
$this->state = strtoupper($this->getSegment('StateProv:' ,
$query));
$this->zip = strtoupper($this->getSegment('PostalCode:' ,
$query));
}

private function getSegment($segment, $source)
{
$pattern = '/' . $segment . '([^\n]*)\n/i';
$segment = preg_match($pattern, $source, $matches);
$segment = preg_replace('/<[^>]*>/', '', $matches[1]);
return $segment;
}
}
?>

[Back to original message]