Ban by IP

[conker87]

I'm looking to use PHP to ban IP addresses rather than use .htaccess. I'm wondering what the best way to go about this is? Should I store these IP address in a file or create a little admin UI for myself to add addresses into a database.

 

That said, how would I compare the $_SERVER['HTTP_HOST'] to the fetched array?

 

Thanks guys.

[Daney11]

Id go with something like

 

$ip = $_SERVER['HTTP_HOST'];

 

if ($ip == 'BANNED') { echo "banned"; } else { }

 

store the ip in a database with a field called isbanned or something.

[jonsjava]

easy way (not the best, but the easiest):

<?php
$banned_ip = array("10.10.10.10", "10.10.10.11");
if(in_array($_SERVER['REMOTE_ADDR'], $banned_ip)){
/* Get rid of 'em! */
}
?>

[conker87]

Ahha.

 

So basically:

<?php
//blah

$ipArray = mysql_fetch_array($result)
if (in_array($_SERVER['REMOTE_ADDR'], $ipArray))
{ echo "banned"; }
else {

// entire code

}

?>

 

And thanks jonsjava, I knew it was remote_addr, mind went totally blank then.

[revraz]

Not sure why you think this will be effective, unless you work for a company and you know the user's IP won't change.

[jonsjava]

I prefer to block a C-class. Much more effective.

[PFMaBiSmAd]

If you put the ip addresses in a database (which you should anyway because you will end up with hundreds or thousands of banned addresses depending on how bad someone wants to visit your site or hot link your content), one per row, you can simply search using a query -

 

SELECT * FROM your_table WHERE ip_column = '$_SERVER['REMOTE_ADDR']'

 

Short answer, let the database do the work. (The fetch_array code you just posted would only work if you add a column for each IP and that would be a terrible table design.)

[conker87]

A C-class eh? How would one go about this?