Zoey Posted September 30, 2006 Share Posted September 30, 2006 I'm trying to create a simple IP ban script, just a little function that I can place in my webpages. I dont want to modify my .htaccess pages or just put the IPs directly in the code, because I want some admins on my site who don't have access to the code to be able to add IPs as they see fit if/when I am unavailable. I created a mysql table called bans, which has the field ip. I have something set up so it will add IPs into the table, and its working. However, when I try to check it against the IPs for the current user, its not working. I've tried a BUNCH of different things, so I'm REALLY looking for some help. Thanks so much.The function, at present:$addr = mysql_db_query("blah","SELECT ip FROM bans;",$database);$ip = $_SERVER['REMOTE_ADDR'];while ($ip = mysql_fetch_assoc($addr)) {print ("Error Message");exit;} Link to comment https://forums.phpfreaks.com/topic/22617-help-with-arrays-and-ip-banning/ Share on other sites More sharing options...
extrovertive Posted September 30, 2006 Share Posted September 30, 2006 [code=php:0]$myip = $_SERVER['REMOTE_ADDR'];$addr = mysql_query("SELECT ip FROM bans");while ($ip = mysql_fetch_assoc($addr)) {$banned_ip = $ip['ip']; if(strstr($myip,$banned_ip)) { print ("Error Message"); exit; }}[/code] Link to comment https://forums.phpfreaks.com/topic/22617-help-with-arrays-and-ip-banning/#findComment-101595 Share on other sites More sharing options...
Zoey Posted September 30, 2006 Author Share Posted September 30, 2006 Still not working. :(Banned IPs are still gaining access to the site (I'm testing it out with a friend and her IP.. she's getting the non-error version). Link to comment https://forums.phpfreaks.com/topic/22617-help-with-arrays-and-ip-banning/#findComment-101598 Share on other sites More sharing options...
extrovertive Posted September 30, 2006 Share Posted September 30, 2006 Maybe her IP has changed if it's dynamic.Try adding your current IP to the database now. Link to comment https://forums.phpfreaks.com/topic/22617-help-with-arrays-and-ip-banning/#findComment-101600 Share on other sites More sharing options...
Zoey Posted September 30, 2006 Author Share Posted September 30, 2006 I also posted on the page print $_SERVER['REMOTE_ADDR']; so she can let me know if any changes happen when she refreshes. So far no change in IP.. Link to comment https://forums.phpfreaks.com/topic/22617-help-with-arrays-and-ip-banning/#findComment-101601 Share on other sites More sharing options...
extrovertive Posted September 30, 2006 Share Posted September 30, 2006 Have you tried if(strstr($myip,$banned_ip))? Link to comment https://forums.phpfreaks.com/topic/22617-help-with-arrays-and-ip-banning/#findComment-101602 Share on other sites More sharing options...
Zoey Posted September 30, 2006 Author Share Posted September 30, 2006 function ip_check() {$myip = $_SERVER['REMOTE_ADDR'];$addr = mysql_query("SELECT ip FROM bans");while ($ip = mysql_fetch_assoc($addr)) {$banned_ip = $ip['ip'];if(strstr($myip,$banned_ip)) { print ("Error Message"); exit; }}}Like that? Yes, I tried. And no, not working yet. :/ Link to comment https://forums.phpfreaks.com/topic/22617-help-with-arrays-and-ip-banning/#findComment-101604 Share on other sites More sharing options...
extrovertive Posted September 30, 2006 Share Posted September 30, 2006 Ok, output your IP.And now output all the IPs in the loop. Link to comment https://forums.phpfreaks.com/topic/22617-help-with-arrays-and-ip-banning/#findComment-101609 Share on other sites More sharing options...
Zoey Posted September 30, 2006 Author Share Posted September 30, 2006 Ohoh! Figured it out. Thanks SO much!Topic closed. Link to comment https://forums.phpfreaks.com/topic/22617-help-with-arrays-and-ip-banning/#findComment-101612 Share on other sites More sharing options...
printf Posted September 30, 2006 Share Posted September 30, 2006 Why in the world are you looping your result, just do it in the database, there is no need for a loop!Please show your database table scheme, so I can see how your storing the ip! After I will show you how to check the IP or a certain IP range so you can ban by dotted range or the full IP.Also some thing like below is better for getting the right IP![code=php:0]function get_ip () { $ip = ! empty ( $_SERVER['CLIENT_IP'] ) ? $_SERVER['CLIENT_IP'] : ''; $ip = ! empty ( $_SERVER['HTTP_CLIENT_IP'] ) ? $_SERVER['HTTP_CLIENT_IP'] : $ip; if ( ! empty ( $_SERVER['HTTP_X_FORWARDED_FOR'] ) && preg_match_all ( '#\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}#s', $_SERVER['HTTP_X_FORWARDED_FOR'], $f ) ) { foreach ( $f[0] AS $id ) { if ( ! preg_match ( "#^(10|172\.16|192\.168)\.#", $id ) ) { $ip = $id; break; } } } $ip = ! empty ( $_SERVER['REMOTE_ADDR'] ) && empty ( $ip ) ? $_SERVER['REMOTE_ADDR'] : $ip; return $ip; } echo get_ip ();[/code]me! Link to comment https://forums.phpfreaks.com/topic/22617-help-with-arrays-and-ip-banning/#findComment-101613 Share on other sites More sharing options...
Zoey Posted September 30, 2006 Author Share Posted September 30, 2006 So I can still have admins enter IPs on the webpage itself?I actually don't have access to the database, my webhost only gives me access to the code itself, so I just get to work with what I have. All I know is the table is bans and the field is ip... would you need more information than that? :/(But if you can't do it from what I have, the current way I have it works, so I'm okay either way :P)========That code you just added... so whole thing would take the place of $myip = $_SERVER['REMOTE_ADDR'];?Sorry, I'm confused now :( Link to comment https://forums.phpfreaks.com/topic/22617-help-with-arrays-and-ip-banning/#findComment-101614 Share on other sites More sharing options...
printf Posted September 30, 2006 Share Posted September 30, 2006 Yes...[code=php:0]$myip = get_ip ();[/code]$_SERVER['REMOTE_ADDR'] <- will not always give you the correct ip, that's why it is always a good idea to check certain $_server variables so you get the correct ip. Like AOL users, $_SERVER['REMOTE_ADDR'] will give you the proxy ip not the client ip, which in the case of a AOL visitor would be found in $_SERVER['HTTP_X_FORWARDED_FOR']! Many ISP(s) do different things, so you go through the most important first, then use the least important which gives you the basic ip when the real ip is not hidden by a proxy!me! Link to comment https://forums.phpfreaks.com/topic/22617-help-with-arrays-and-ip-banning/#findComment-101622 Share on other sites More sharing options...
Zoey Posted September 30, 2006 Author Share Posted September 30, 2006 [code]function get_ip () { $ip = ! empty ( $_SERVER['CLIENT_IP'] ) ? $_SERVER['CLIENT_IP'] : ''; $ip = ! empty ( $_SERVER['HTTP_CLIENT_IP'] ) ? $_SERVER['HTTP_CLIENT_IP'] : $ip; if ( ! empty ( $_SERVER['HTTP_X_FORWARDED_FOR'] ) && preg_match_all ( '#\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}#s', $_SERVER['HTTP_X_FORWARDED_FOR'], $f ) ) { foreach ( $f[0] AS $id ) { if ( ! preg_match ( "#^(10|172\.16|192\.168)\.#", $id ) ) { $ip = $id; break; } } } $ip = ! empty ( $_SERVER['REMOTE_ADDR'] ) && empty ( $ip ) ? $_SERVER['REMOTE_ADDR'] : $ip; return $ip; }function ip_check() {$myip = get_ip();$addr = mysql_db_query("blah","SELECT ip FROM bans;");while ($ip = mysql_fetch_assoc($addr)) {$banned_ip = $ip['ip']; if(strstr($myip,$banned_ip)) { print ("Error message"); exit; }}}[/code]That's not working.. Link to comment https://forums.phpfreaks.com/topic/22617-help-with-arrays-and-ip-banning/#findComment-101626 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.