banned ips flaw


Hello,

I have the following question.

I have a script that gets the user's IP, and if the IP is in the 'file' it redirects it to Google.

 


<?php
$ip=$_SERVER['REMOTE_ADDR'];
$file=file('bad_ips');
foreach($file as $files){
  if(stristr($files, $ip) === FALSE) {
   header('location:index1.php');
  }else {
header('location:http://google.com');
  }	
}
?>

 

in the file the ips are line by line

 

example:

2.2.2.2

4.4.4.4

 

but the problem is this

If the IP `2.2.2.2` enters, I want to search in the file for just 2.2

It searches only if I put the entire IP in the `file`  2.2.2.2

 

 

 

Link to comment
Share on other sites

I don't see the correct logic in your code, it's checking each ip in the list, so only the first one checked ...it will take you to that header location.

 

try this

 

<?php
$ip = $_SERVER['REMOTE_ADDR'];
$explode_ip = explode(".",$ip);
$iprange2 = $explode_ip[0] . "." . $explode_ip[1];
$iprange3 = $iprange2 . "." . $explode_ip[2]; // first three octets (index 2 is the third octet)

$file=file('bad_ips');// no file extension?

if (in_array($ip, $file) || in_array($iprange2, $file) || in_array($iprange3, $file)) {
   header("location: http://www.google.com/");
} else {
   header('location:index1.php');
}

?>

 

I forgot to add.... just use ranges like 2.2 or 2.2.2 in your list

Link to comment
Share on other sites

changed it a little

 

<?php
$ip = $_SERVER['REMOTE_ADDR'];
$explode_ip = explode(".",$ip);
$iprange2 = $explode_ip[0] . "." . $explode_ip[1];
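$iprange3 = $iprange2 . "." . $explode_ip[2]; // first three octets (index 2 is the third octet)

$data = file('bad_ips.txt');// no file extension?
$banned_ips = array(); // start empty so in_array() always receives an array
foreach ($data as $line) {
    $banned_ips[] = trim($line); // strip the trailing newline that file() keeps
}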

if (in_array($ip, $banned_ips) || in_array($iprange2, $banned_ips) || in_array($iprange3, $banned_ips)) {
   header("location: http://www.google.com/");
} else {
   header('location:index1.php');
}

?>

Link to comment
Share on other sites

I prefer working with IP addresses as numbers rather than strings, so the way I'd handle it would be to use a subnet mask with the IP address. Convert the address and mask with ip2long, and perform a bitwise AND to do the comparison. You could write it into a function to return a boolean TRUE/FALSE to determine whether to redirect or not, if you felt like it.

 

<?php
$ip = '2.2.2.2'; // address currently being checked
$ip = ip2long('2.2.2.2'); // convert to long int
$mask = ip2long('255.255.0.0'); // compare only first two octets of the IP address
$file = file('file.txt', FILE_IGNORE_NEW_LINES);  // read the file into an array
$file = array_map('ip2long', $file);  // convert values from file to long int

// Loop through the values, comparing the values using bitwise AND operation to compare IP address to banned list. If first 2 octets match, the header() redirect is sent.
foreach( $file as $v ) {
	//var_dump($v); echo '<br>';
	if( ($ip & $mask) === ($v & $mask) ) {
		//echo long2ip($ip) . " Matches " . long2ip($v) . '<br>';  // uncomment to see result
		header('Location: http://www.google.com');
		exit();
	}
}

Link to comment
Share on other sites

good point, was trying to keep it simple

 

whichever way that works is good

 

but personally, I think it's better to block them at the front door through htaccess

with a code similar to this

## IP BANNING
<Limit GET POST>
order allow,deny
deny from 42.12.5.34
deny from 193.110.145.185
deny from 212.173.53.
deny from 69.242.
allow from all
</Limit>

 

 

Link to comment
Share on other sites

QuickOldCar, and if I use it like this

 

<Limit GET POST> 
order allow,deny 
deny from 69.
deny from 31.

allow from all
</Limit>

 

Does it take from only the start of the IP?

I mean, if the IP is 31.144.202.134, does it take it from 31. only

and not if the IP is 61.31.212.134?

Does it block the second IP beginning in 61.?

Link to comment
Share on other sites
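
An added example, not code from any poster in the thread: one way to match a visitor's IPv4 address against a list that mixes full addresses, octet prefixes such as `2.2` or `31.`, and CIDR ranges, using the `ip2long` and bitwise AND comparison described above so that entries match only from the start of the address. The function names and the sample list are hypothetical.

```php
<?php
// Added example; function names and sample entries are constructed for illustration.
// Turn one list line into [network, prefix_bits], or null when the line is unusable.
// Accepted: "4.4.4.4", octet prefixes "2.2" / "212.173.53.", CIDR "69.242.0.0/16".
function parse_ban_entry(string $line): ?array
{
    $line = trim($line);
    if ($line === '' || $line[0] === '#') {
        return null;                                  // blank line or comment
    }
    if (strpos($line, '/') !== false) {
        [$net, $bits] = explode('/', $line, 2);
        if (!ctype_digit($bits) || (int)$bits > 32) {
            return null;                              // prefix length must be 0..32
        }
        $bits = (int)$bits;
    } else {
        $octets = explode('.', rtrim($line, '.'));
        $bits = 8 * count($octets);                   // "2.2" covers the first 16 bits
        $net = implode('.', array_pad($octets, 4, '0'));
    }
    $net = ip2long($net);                             // false for anything malformed
    return $net === false ? null : [$net, $bits];
}

function ip_is_banned(string $ip, array $lines): bool
{
    $addr = ip2long($ip);
    if ($addr === false) {
        return false;                                 // not IPv4 (e.g. IPv6): not matched here
    }
    foreach ($lines as $line) {
        $entry = parse_ban_entry($line);
        if ($entry === null) {
            continue;
        }
        [$net, $bits] = $entry;
        $mask = -1 << (32 - $bits);                   // keeps only the top $bits bits
        if (($addr & $mask) === ($net & $mask)) {
            return true;
        }
    }
    return false;
}

$list = ['2.2', '31.', '212.173.53.', '4.4.4.4', '69.242.0.0/16'];
var_dump(ip_is_banned('31.144.202.134', $list)); // 31 is the first octet
var_dump(ip_is_banned('61.31.212.134', $list));  // 31 is only the second octet
var_dump(ip_is_banned('12.2.2.20', $list));      // contains "2.2" but does not start with it
```

In a page script the list would come from `file('bad_ips.txt', FILE_IGNORE_NEW_LINES)` and the address from `$_SERVER['REMOTE_ADDR']`, as in the posts above.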
