simcoweb Posted July 25, 2006 Share Posted July 25, 2006 Here's the scenario:I have a script that pulls their IP address along with the date and the directory and posts that information to a mysql database. What I want to do now is have the script be capable of banning ip's. So, to do so the script must first determine it (which it does) but before it adds it to the database it needs to check to see if it's possibly in the 'banned' section. If that IP is banned then it should display a separate message. (like 'you are banned, dude!).Here's the code for the main page that collects and writes the data:[code]<?php $ip = $_SERVER["REMOTE_ADDR"];$dir = $_SERVER["REQUEST_URI"];include 'config.php'; //edit the location of your logging file or MySQL database in the config.phpinclude 'header.php';//set the date$v_date = date("l d F H:i:s");print "<table width='500' align='center' border='1'><tr><td>";print "<table width='100%'><tr><td bgcolor='#C8D4DF'>";echo "<center><font face='Verdana'><h3>Unauthorized Access Warning Message</h3></font>";print "</td></tr>";print "<tr><td bgcolor='#FFF0C0'>";print "<center><h3>You should not be here</h4><p>";print "</td></tr>";print "<tr><td bgcolor='#FFF0C0'>";echo "<center><font size='2' face='Verdana'>Your IP address is ". $ip . " and has been logged</font><p>";echo "$v_date<p>";echo "<center><font size='1' face='Verdana'><strong>You will be redirected to an authorized page.</strong></font>";print "</td></tr></table></td></tr></table>";//open the MySQL database and write to the tablemysql_connect($dbhost, $dbuser, $dbpass) or die('Database will not open');mysql_select_db($dbname);// Insert a row of information into the table "iplog"mysql_query("INSERT INTO iplog (ip, date, directory) VALUES('$ip', '$v_date','$dir') ") or die(mysql_error());echo "<center><h2>Data logged successfully!<br />";?>[/code]I'm a noob so I think in logical expressions when it comes to what needs to be done. So, i've outlined it but I'm not sure how to code it. Here's my presumptions:1) create a function() that would check the incoming $ip address against the MySQL database2) the function would run a mysql_query into the 'banned' field of the db table to search for a match3) the function would contain an 'if' statement pertaining to the query finding the match or not4) the 'if' statement would state 'if a match is found... blah blah.. echo 'you suck and don't come back'5) the 'else' statement would, if no match found, push the script to do its normal thing, display the normal message and log the new dataNow, that's my logical brain mode. I've looked at some code that performs similar analysis/comparison that was posted in here for someone looking to validate if a username/password/email were already in the database. It makes sense but at the same time it's confusing. Here's the snippet:[code]//check to see if the login id or email is already being used$loginid_sql = sprintf("SELECT COUNT(*) AS loginid_match FROM `login_tbl ` WHERE `loginid` = '%s'", $login_id);$email_sql = sprintf("SELECT COUNT(*) AS email_match FROM `login_tbl ` WHERE `email` = '%s'", $email);$loginid_result= mysql_query($loginid_sql) or die(mysql_error());$email_result= mysql_query($email_sql) or die(mysql_error());$loginid_match= mysql_result($loginid_result, 0, 'loginid_match');$email_match= mysql_result($email_result, 0, 'email_match');if ( $loginid_match > 0 ) { //if there are any login ids that match echo "This login id is already taken. Please try again"; include('register.html');//your register form unset($loginid); exit();}if ( $email_match > 0 ) { //if there are any email addresses that match echo "This email has already been used"; include('register.html');//your register form unset($email); exit();}[/code]What I see is it does the inquiry to validate if it exists, runs the 'if' statements based upon the results. What I need is a simple way to either adapt this or do similar for my needs. I'm just stuck on the proper method. Thanks for any suggestions and code help :) Quote Link to comment https://forums.phpfreaks.com/topic/15555-how-to-determine-if-new-data-being-posted-is-already-in-the-database/ Share on other sites More sharing options...
trq Posted July 25, 2006 Share Posted July 25, 2006 its quite simple. Here is an example, I'll wrap it in functions seeing as your talking about them. There good to use wherever possible.[code=php:0]function isbanned($ip) { $sql = "SELECT id FROM banned_ips WHERE ip = '$ip'"; if ($result = mysql_query($sql)) { return true; } return false;}if (isbanned($_SERVER['REMOTE_ADDR'])) { echo "you suck and don't come back";} else { // go about whatever it is you want to do.}[/code]Be aware though that ips can be very easily spooked, and are pretty unreliable. For instance, at my work there are some 600 computers, all of which would have the same public ip. Quote Link to comment https://forums.phpfreaks.com/topic/15555-how-to-determine-if-new-data-being-posted-is-already-in-the-database/#findComment-63218 Share on other sites More sharing options...
simcoweb Posted July 25, 2006 Author Share Posted July 25, 2006 First, thanks for the response. Secondly, I was assuming that even in my logical mind that I was over complicating it. This looks simple and easy to adapt. I'm soaking this stuff up like a sponge Thanks for the help! Quote Link to comment https://forums.phpfreaks.com/topic/15555-how-to-determine-if-new-data-being-posted-is-already-in-the-database/#findComment-63226 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.