Made a meme one that took 3 minutes to program, 5 minutes to find a good offline GeoIP location source for, 10 minutes to come up with a design for, and half an hour to make sure nothing got logged by the web server.
I’m sure it would be better if I paid MaxMind money, but that’d go a bit far for a stupid meme picture that I’ll probably take down in less than a week.
If you live in a dictatorship and this thing can get your location right, you should probably be using some kind of VPN. Wouldn’t want you to run into trouble with the regime!
The image is generated on demand by a PHP script. It’s not a static image file. Every time the web browser sends a GET /poc.png, a new image is generated based on the information your browser or app sends the server.
It’s actually how a lot of tracking code works. The image data returned may be the same, but the data collection through cookies and maybe even some passive fingerprinting all happen every time you send a request.
Yeah I saw OPs explanation in the comments. That is fucking cool! And scary! I’ve never needed to generate images with code before, so Ive never even considered something like this before.
PHP is underappreciated, especially recent PHP. Null coalescing operators! Actually typed variables that produce an error if you pass the wrong type! It’s superior to Python despite it’s mid-2000s-spaghetti-college-kid-developer reputation.
Hell, I may get downvoted for this, but I honestly believe PHP’s Doctrine is superior to Java/Kotlin’s Hibernate. Symfony and Spring are almost equally good in terms of functionality, though PHP is quite a lot slower, sadly.
It can run natively on an Apache server without any frameworks required to render user website markup and serve pages. That’s a pretty awesome advantage.
PHP is the OG bad-ass for getting shit done. No setup, no compile, no deployment pipelines. Hell, you can create and write the files right there on the server with nothing more than an SSH terminal if you want.
Ah, I see! I was also thinking of maybe using something like Google Earth to make a GIF that zooms into your local area but that was waaaaaaay to computationally expensive to render on the server.
I hate this so much. Its super cool but MAN what the hell. I don’t think I’m going to ever turn off my VPN anymore. I’m in a super small town and that image is correct.
It’s cached somewhere because I can’t get it to update. Maybe time for a new account too. Hmmmm
It’s should only be cached in your browser. Try opening the image in a new tab and hitting Ctrl+Shift+R.
Opening it in a porn tab or clearing your browser cache should also work.
Made a meme one that took 3 minutes to program, 5 minutes to find a good offline GeoIP location source for, 10 minutes to come up with a design for, and half an hour to make sure nothing got logged by the web server.
Finally. Someone noticed 🥹
Joke’s on you. IP geolocation where I am is an unreliable mess and your image got it wrong by about 1000km!
I’m sure it would be better if I paid MaxMind money, but that’d go a bit far for a stupid meme picture that I’ll probably take down in less than a week.
Location is right, but I highly doubt anyone near me is using Lemmy (dictatorship here).
If you live in a dictatorship and this thing can get your location right, you should probably be using some kind of VPN. Wouldn’t want you to run into trouble with the regime!
deleted by creator
Great, hot milfs near my location
I’m not using a VPN or anything and it got my location wrong by 700 kilometers 🤔
Are you sure you are where you think you are? When’s the last time you looked outside?
Oh no! I’ve been kidnapped!
Woah this is really cool. Though I was way off for me and I’m not on a VPN right now.
That’s a good thing to be honest, but feel free to send in corrections to the data source if you want internet companies to stalk you.
Thanks for the heads-up.
Routing my Lemmy mobile app through orbot from now on. Seems to have fixed the issue.
I wonder why the Baltimore community is so dead, then.
You can run Geolocation with images now? What the heck? How?
The image is generated on demand by a PHP script. It’s not a static image file. Every time the web browser sends a GET /poc.png, a new image is generated based on the information your browser or app sends the server.
It’s actually how a lot of tracking code works. The image data returned may be the same, but the data collection through cookies and maybe even some passive fingerprinting all happen every time you send a request.
It’s not the image, it’s a normal image. The server does the hard work when you make the request, and then it just builds the image accordingly.
Yeah I saw OPs explanation in the comments. That is fucking cool! And scary! I’ve never needed to generate images with code before, so Ive never even considered something like this before.
My location is accurate, to give some good feedback on your program too lol
Haha it’s just an IP lookup in a free database I’ve downloaded, I did 0% of the hard work. Thanks for the reply anyway!
I was wondering for a second why my town of all places was posted lmao. Also made me realize I forgot to turn my vpn back on.
This is great, because it located me about a full day’s drive from where I live, so I’m still pretty anonymous :-)
Thought about adding the user’s location, but was worried PythonAnywhere could somehow cache the image between multiple people. A great demo though!
You have the code for this? Very interested in how you implemented it
Probably has bugs. Probably no security bugs. Feedback is welcome (but I don’t care enough about this to try my hardest).
require_once('/var/www/html/geoip2.phar'); use GeoIp2\Database\Reader; $ip = $_SERVER['HTTP_X_REAL_IP'] ?? $_SERVER['REMOTE_ADDR']; $cityReader = new Reader('/var/local/php/GeoLite2-City.mmdb'); $record = $cityReader->city($ip); header('Content-Type: image/png'); $image = @imagecreatefrompng('lemmybase.png'); $black = imagecolorallocate($image, 0, 0, 0); // "Some City, SS, Country Name" $text = $record->city->name . ', ' . $record->mostSpecificSubdivision->isoCode . ', ' . $record->country->name; /* $font_path = '/tmp/ComicSand.ttf'; */ $font_path = '/usr/share/fonts/ubuntu/Ubuntu-M.ttf'; // Render text imagettftext($image, 30, 0, 28, 224, $black, $font_path, chunk_split($text, 22)); // Dump image to web server imagepng($image); // Free resources imagedestroy($image);Edit: damn, Lemmy really hates
< ? php. Just imagine that’s the first line in the file.Damn, PHP is such a sleeper of a language, I always forget how useful it can be.Thanks for sharing!
PHP is underappreciated, especially recent PHP. Null coalescing operators! Actually typed variables that produce an error if you pass the wrong type! It’s superior to Python despite it’s mid-2000s-spaghetti-college-kid-developer reputation.
Hell, I may get downvoted for this, but I honestly believe PHP’s Doctrine is superior to Java/Kotlin’s Hibernate. Symfony and Spring are almost equally good in terms of functionality, though PHP is quite a lot slower, sadly.
Nice, sounds like it’s getting modernized. I’ll have to give it another round, thanks!
Genuinely curious, how is it superior to Python in your opinion?
Edit: Apart from the things you listed 😅
It can run natively on an Apache server without any frameworks required to render user website markup and serve pages. That’s a pretty awesome advantage.
PHP is the OG bad-ass for getting shit done. No setup, no compile, no deployment pipelines. Hell, you can create and write the files right there on the server with nothing more than an SSH terminal if you want.
PHP is pretty damn awesome really… Sad that it’s gone out of favor IMHO
Hah, not my town, but close. That’s where my ISP is located though.
I’m not using a VPN and the location isn’t accurate.
It’s got me about an hour from where I actually am
Hey. I wanted to do this tomorrow.
Well I have a new idea which is pretty similar
I originally planned to do something based on the Referer header, but the browser doesn’t send those for linked images.
In theory you can do a lot with this. Detect VPNs based on MTU, for example, or if you’re malicious, turn it into a tracker.
I’m plannig to make one of these “dox’d memes” where someone says something controversial and another one answers with the ip address.
Ah, I see! I was also thinking of maybe using something like Google Earth to make a GIF that zooms into your local area but that was waaaaaaay to computationally expensive to render on the server.
I hate this so much. Its super cool but MAN what the hell. I don’t think I’m going to ever turn off my VPN anymore. I’m in a super small town and that image is correct.
It’s cached somewhere because I can’t get it to update. Maybe time for a new account too. Hmmmm
It’s should only be cached in your browser. Try opening the image in a new tab and hitting Ctrl+Shift+R. Opening it in a porn tab or clearing your browser cache should also work.
Yeah, app cache had to be cleared. We good