Hey everyone...

I'm wondering if there is a way using php to track a ip to it's country of origin... I know that it'll be the ip adresses host but normally they'd be in the same country anyway...

I'm trying to do this to customize certain features of a website for the user...

Also, any thoughts on whether this is privacy invasion?

Thanks, Keyboard1333

The IP is necessarily transferred to the website, so, no, it's not privacy invasion. It's similar to the user's email address though, so I wouldn't make that information public without their consent. (For example, allow them to say "yes, show my location in my profile", but don't do it automatically.)

You can use MaxMind GeoIP for this. There's a free version and a paid version that is slightly more accurate. On average, it works well. But it won't work perfectly for every visitor. Good for statistics, but bad as something that must be correct every time.

Also, any thoughts on whether this is privacy invasion?

I have no doubt that some people may see it as an invasion of privacy, but it really isn't. In fact, it is quite interesting to see how many people track ip's when you ask around a bit. Before, i've even seen a member of a forum with a picture of a penguin in his signature holding a sign showing your ip, internet provider and location.

Before, i've even seen a member of a forum with a picture of a penguin in his signature holding a sign showing your ip, internet provider and location. That's showing you your information, not him. (Unless it's loading from his website and that's logging your IP. That would be tricky... haha.)

There is some morality/privacy question with doing a secondary information search based on the IP (while storing the IP to check for duplicate accounts, for example, isn't a concern at all). But as long as you don't present any of that information (including the IP) publicly, I don't see it as a major problem. Adding an "opt out" option is fine, though, and it wouldn't hurt to explain this in your site's TOS or Privacy Policy.

Sounds like a bit too much effort to go to :p

The main problem with the privacy concerns is using the ip address to obtain information deemed personal, ie area where they live, host, as there is of course some concern about those lovely people who sell that kind of information to less lovely people, however I think keyboard is just saying to get the country, so that he has a general idea of who is visiting the site

I don't see any of that as a problem as long as it is used 1) only internally (never sold, etc.); 2) never shared with other guests; 3) never used in a personal way (such as the administrators showing up outside the user's home). As long as it's all used by the site for site-related purposes, I think it's fine.
After all, you already have the IP. Whether or not you look at the information really isn't a major privacy concern-- if you wanted to use it for an evil purpose, you could, whether or not you actually do use it for a good purpose. That is: you don't need to avoid using it for a good purpose just because you could use it for a bad purpose-- you could do the bad thing without doing the good thing anyway. There's no added danger/invasion of privacy to use that information on the website.

However: there is a question about administrators (as people) seeing this data. So I'd suggest in general using it in an automated way and not abusing that power-- don't say "oh, yeah, you're from New York city, right?" next time you talk to a certain user.

But there are plenty of automated useful reasons to use this data: put the user on a location on a map (WITH permission for this one-- just allow them the opportunity to "automatically detect location"); monitor locations for spammers (and even setup banning and/or moderator approval for certain locations); target local ads to specific users; detect a language the user will probably understand; show the nearest location of your retail store; and may more things.


Note: storing this information longer than the IP is stored might be considered an invasion of privacy. If you're doing that, then you should probably ask their permission.

There are databases available which have nearly every ISP IP stored and which country they're in, and they have API's. So you can predict and store what country they're in for most places with these services.

Here's one service that's for free, and is 95% accurate when it comes to countries:
http://ipinfodb.com/ip_location_api.php

There's also the Google Chrome Geolocation feature, which you might want to look into.

I've seen some games use this GeoIP PHP API:

http://www.maxmind.com/app/php

They use it to display the player's country of origin as a flag on the high score table. It's also used in a couple of CMS Frameworks to do the same kind of thing for profiles, etc.

However: there is a question about administrators (as people) seeing this data. So I'd suggest in general using it in an automated way and not abusing that power-- don't say "oh, yeah, you're from New York city, right?" next time you talk to a certain user.

But there are plenty of automated useful reasons to use this data: put the user on a location on a map (WITH permission for this one-- just allow them the opportunity to "automatically detect location"); monitor locations for spammers (and even setup banning and/or moderator approval for certain locations); target local ads to specific users; detect a language the user will probably understand; show the nearest location of your retail store; and may more things.


Note: storing this information longer than the IP is stored might be considered an invasion of privacy. If you're doing that, then you should probably ask their permission.

In order to do your best to not abuse power, you could design an automated system to display various countries people visited from rather than going in and looking at the individual users ips/countries. In fact most of these systems people are suggesting do just that.

There's no reason it must be entirely generic statistics. But it shouldn't be used for purposes beyond automated functions on the site or displayed publicly without permission.

I suppose the rule of thumb to do with privacy and ip's, is really if you want to exploit the information based on the individual user, or if you just want it for general stats. Just out of curiosity, does anyone know how YouTube does their statistics on videos? Ie, amount of users, how many users per country etc.

Hey bernie, could you please start a new thread (the youtube thing)...
Thanks, Keyboard1333

Since it's a straightforward answer (unless it needs a longer discussion for some reason) I'll just answer here: I assume it's GeoIP or something similar (Google might have something proprietary).

I've said a few times that it doesn't need to be just generic stats if you follow a few guidelines.

alright, ill have a look at GeoIP