Jump to content

Recommended Posts

Am facut acest cod php. Este folosit ca si un cod de geotargeting. De exemplu un user viziteaza siteul meu, ii este verificat ip’ul. Am o baza de date cu toate ip’urile din lume. In functie de IP, codul stabileste tara de unde provine userul dupa care il poate redirectiona oriunde. De exemplu il poate redirectiona daca e englez pe o pagina a siteului meu scrisa in engleza, iar daca e francez pe una in franceza.

 

Problema cea mare este. Am folosit hosting de la dwhs.com. Si am avut codul in pagina de index. Deci indexul era php. Am fost hacuit foarte usor si am gasit in pagina de index, in josul ei, un script java (troieni).

Acum stiu ca am gresit punand indexul o pagina php. Dar sunt sigur ca si codul php folosit de mine nu e securizat. Asa ca va rog, pe oricine se pricepe sa ma ajute sa il securizez. Mie mi se pare extrem de folositor acest cod.

 

Ce ar fi superb, e sa il modific incat sa recunoasca daca userul care imi viziteaza siteul foloseste proxy si sa ii identifice ip’ul real. Si abia dupa ce ii recunoaste IP’ul real sa faca redirectionarea dupa tara.

 

Sper sa ma poata ajuta cineva. Multumesc.

 

<?

$DatabaseServer = "";

$Username = "";

$Password = "";

$DatabaseName = "";

 

$link = mysql_connect($DatabaseServer, $Username, $Password) or die('Could not connect: ' . mysql_error());

mysql_select_db($DatabaseName) or die('Could not select database');

$IP = $_SERVER["REMOTE_ADDR"]; //Get the IP address

$res = mysql_query("SELECT country_code2,country_name FROM csv WHERE IP_FROM<=inet_aton('$IP') AND IP_TO>=inet_aton('$IP')");//look up IP address

 

$Codes = mysql_fetch_array($res); //get result

$CountryCode = $Codes['country_code2']; //two-letter country code

$CountryName = $Codes['country_name']; //full country name

 

if($CountryCode == "UK" && !$IP == "ipul tau")

  {

  header  (deschide pagina care o vreau);

  }

  else

  {

  echo hey;

  }

?>

 

I was posting this question in a Romanian forum:) and i got things messed up.

Basicly here is the problem.

 

I've made a geotargeting code. Basicly it gests the user IP, then checks it in my database. The database contains all the ip classes in the world and the countries they are from. It gets the user country, and then the code decides what page that user should visit.

For example if the code determins that the user is french it reddirects him to a french page of my website.

 

The problem is this: i got hacked using this code. I had hosting at dwhs at that time. I kept the code on my index page, and yes my index page was php. So i think this is one of the reasons that i got hacked. A hacker exploited my code, and inserted a java script in the bottom of my page. So basicly i would be happy if you could pls check this code for php security issues.

 

One more thing, i would like to improve it. Mabe make it in a way so it can detects a surfers real ip even if he uses a proxy. After he detectsc the user real ip, then it reddirects him to the page i want him to.

 

Basicly i use this code to keep some countries out of my website.

TY.

the code is:

<?

$DatabaseServer = "";

$Username = "";

$Password = "";

$DatabaseName = "";

 

$link = mysql_connect($DatabaseServer, $Username, $Password) or die('Could not connect: ' . mysql_error());

mysql_select_db($DatabaseName) or die('Could not select database');

$IP = $_SERVER["REMOTE_ADDR"]; //Get the IP address

$res = mysql_query("SELECT country_code2,country_name FROM csv WHERE IP_FROM<=inet_aton('$IP') AND IP_TO>=inet_aton('$IP')");//look up IP address

 

$Codes = mysql_fetch_array($res); //get result

$CountryCode = $Codes['country_code2']; //two-letter country code

$CountryName = $Codes['country_name']; //full country name

 

if($CountryCode == "UK" && !$IP == "ipul tau")

  {

  header  (deschide pagina care o vreau);

  }

  else

  {

  echo hey;

  }

?>

 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.