darkfreaks Posted May 23, 2009 Share Posted May 23, 2009 okay so i have an ip script that checks a text file for known country adresses and returns the name of the country however if i try to implement this into a block script it always returns the IP as united states and i am uncertain why i am using $_SERVER[REMOTE_ADDR] for the IP in my script. i assume it is a bug in the script yes ??? Quote Link to comment Share on other sites More sharing options...
cunoodle2 Posted May 23, 2009 Share Posted May 23, 2009 From what I've read all of the items in the "$_SERVER" array can be fairly easily changed so I don't know that you necessarily can trust that... SECURITY RISK ! Never ever trust the values that comes from $_SERVER. HTTP_X_FORWARDED, HTTP_X_FORWARDED_FOR, HTTP_FORWARDED_FOR, HTTP_FORWARDED, etc.. can be spoofed ! To get the ip of user, use only $_SERVER['REMOTE_ADDR'], otherwise the 'ip' of user can be easily changed by sending a HTTP_X_* header, so user can escape a ban or spoof a trusted ip. Are you always testing it from home? Are you in the US? Can you hard code a foreign IP into your page that you can use to test it out to give the page the impression you are in Europe or whatever country it is that you are trying to block? (hope that makes sense) Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted May 23, 2009 Author Share Posted May 23, 2009 nope i hard coded a UK IP into the script and it told me it was United States Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted May 23, 2009 Author Share Posted May 23, 2009 also here is the PHP IP class countryfromip.inc.php: <?php /** * This class generates the country name and its flag from its IP address * * * @author Rochak Chauhan */ class CountryFromIP { private $CountryIPDatabase = 'CountryIPDatabase.txt'; private $ip = ''; /** * Function to validate IP ( please modify it according to your needs) * * @param $ip - string * * @return boolean */ public function ValdateIP($ip) { $ipArray = explode(',',$ip); if(count($ipArray) != 4) { echo "<font color='red' size='3'> <b>ERROR: </b> Invalid IP</font>"; return false; } else { return true; } } /** * Function to return Country name from the IPDatabase * * @param $ip string * * @return string - name of the country, false otherwise */ public function GetCountryName($ip) { $this->ip = $ip; $ip = sprintf("%u", ip2long($ip)); $csvArray = file($this->CountryIPDatabase); for($i=0; $i<count($csvArray); $i++) { $arrayOfLine = explode(',', $csvArray[$i]); if($ip >= $arrayOfLine[0] && $ip <= $arrayOfLine[1] ) { return $countryName = $arrayOfLine[2]; } } return false; } ?> Main.php: <?php $ip="81.111.61.96"; require_once('CountryFromIP.inc.php'); //$ip = $_SERVER['REMOTE_ADDR']; $object = new CountryFromIP(); $countryName = $object->GetCountryName($ip);//always returns united states ?> Quote Link to comment Share on other sites More sharing options...
BK87 Posted May 23, 2009 Share Posted May 23, 2009 the code seems to explode IP's by commas not by periods... ... try this.. $ip=str_replace(",",".",$_SERVER["REMOTE_ADDR"]); Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted May 23, 2009 Author Share Posted May 23, 2009 ok this is what is happening the $ip variable is not matching the pulled info from the text file can anyone help me on this ??? Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted May 23, 2009 Share Posted May 23, 2009 You would need to post the line from the file it is supposed to match. Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted May 23, 2009 Author Share Posted May 23, 2009 this is the function that pulls the info and matches it to the $ip variable public function GetCountryName($ip) { $this->ip = $ip; $ip = sprintf("%u", ip2long($ip)); $csvArray = file($this->CountryIPDatabase); for($i=0; $i<count($csvArray); $i++) { $arrayOfLine = explode(',', $csvArray[$i]); if($ip >= $arrayOfLine[0] && $ip <= $arrayOfLine[1] ) { return $countryName = $arrayOfLine[2]; } } return false; } something is off in this function because its just printing united states as the country even if the IP is british ??? Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted May 23, 2009 Share Posted May 23, 2009 So what have you done to troubleshoot what is in $ip, $arrayOfLine[0], and $arrayOfLine[1] to find out why it is not working, since you obviously are going to ignore the suggestion to post the actual data involved that someone else would need to be able to help you. Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted May 23, 2009 Author Share Posted May 23, 2009 ok i pulled an example from the text file maybe it will explain more. 3560939996,3560939999,GERMANY the $ip variable is just pulling $_SERVER[REMOTE_ADDR] Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted May 23, 2009 Share Posted May 23, 2009 That code works for me using an IP of 212.63.161.221, which falls into the corresponding range of 3560939996,3560939999. Your code likely has a problem reading the file in so nothing is being compared. So, I'll ask again, what have you done to troubleshoot what it is actually doing? Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted May 23, 2009 Author Share Posted May 23, 2009 ok this is what i have on main.php <?php require_once('CountryFromIP.inc.php'); $ip=str_replace(",",".",$_SERVER["REMOTE_ADDR"]); $object = new CountryFromIP(); $countryName = $object->GetCountryName($ip); if($countryName ="UNITED STATES"){ ?> html code here <?php } ?> <?php if($countryName!=="UNITED STATES"){?> more html code here <?php }?> Quote Link to comment Share on other sites More sharing options...
cunoodle2 Posted May 23, 2009 Share Posted May 23, 2009 In your code... <?php if($countryName ="UNITED STATES"){ ?> html code here <?php } ?> <?php if($countryName!=="UNITED STATES"){?> ?> That first "if" will ALWAYS be true cause its just checking to see if united states was assigned to the variable of $countryName. Add a second "=" and go from there. Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted May 23, 2009 Author Share Posted May 23, 2009 now it only returns the second IF :-\ Quote Link to comment Share on other sites More sharing options...
cunoodle2 Posted May 23, 2009 Share Posted May 23, 2009 echo the $countryName to the screen to see what it says. Also why does the second If have "!==" versus "!=" ?? Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted May 23, 2009 Author Share Posted May 23, 2009 countryname returns united states ip returns logged ip also i changed it to != and no different :-X Quote Link to comment Share on other sites More sharing options...
cunoodle2 Posted May 23, 2009 Share Posted May 23, 2009 Is it case sensitive? how about?... <?php if(strtolower($countryName) == "united states"){ ?> html code here <?php } ?> <?php if(strtolower($countryName) != "united states"){?> ?> Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted May 23, 2009 Author Share Posted May 23, 2009 no i highly doubt thats the case since the echoed out variable prints UNITED STATES just like it does in the file anyone else got any ideas ??? Quote Link to comment Share on other sites More sharing options...
cunoodle2 Posted May 23, 2009 Share Posted May 23, 2009 Well that's basically telling me that the variable is NOT equal to "UNITED STATES" then. If that were the case then the first one would work. Is there possibly a white space at the beginning or end? Just to prove me wrong please try the following code... <?php if(trim(strtolower($countryName)) == "united states"){ ?> html code here <?php } ?> <?php if(trim(strtolower($countryName)) != "united states"){?> Quote Link to comment Share on other sites More sharing options...
cunoodle2 Posted May 23, 2009 Share Posted May 23, 2009 If my post does not work then print the value to the screen and view the page source. See if there is like a "\ " escape character or something in between the words. I had a major issue with an IF statement awhile back and it was all because of that. If that is the case then try escaping slashes and comparing again. Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted May 23, 2009 Author Share Posted May 23, 2009 nope nothing Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted May 24, 2009 Author Share Posted May 24, 2009 anone got any brilliant ideas why it is telling me $countryname does not match UNITED STATES even though i have made sure it does ??? Quote Link to comment Share on other sites More sharing options...
cunoodle2 Posted May 24, 2009 Share Posted May 24, 2009 Are you sure there is nothing else in the middle there that is somehow changing the value? Perhaps a function call or something along those lines? There HAS to be something because basically what we are looking at here is an actual "Bug" with an "IF" statement and I'm betting that there is NOT one like this. It has to be your code somewhere. Try this code on a temp page or something just to see... <?php require_once('CountryFromIP.inc.php'); $ip=str_replace(",",".",$_SERVER["REMOTE_ADDR"]); $object = new CountryFromIP(); $countryName = $object->GetCountryName($ip); echo "<b>Country name info: </b>:<br />\n"; echo "Length: ".strlen($countryName)."<br />\n"; echo "Value:--".$countryName."--<br />\n"; if($countryName == "UNITED STATES") { $echo "IS United States<br />\n"; } if($countryName != "UNITED STATES") { $echo "NOT United States<br />\n"; } ?> What are the exact results that it shows on the screen? Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted May 24, 2009 Author Share Posted May 24, 2009 Country name info: : Length: 15 Value:UNITED STATES i count 13 characters why is it producing 15 ??? Quote Link to comment Share on other sites More sharing options...
darkfreaks Posted May 24, 2009 Author Share Posted May 24, 2009 ok i needed to use trim() problem fixed for now Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.