IP Banning

[RickyF]

Hi,

 

Ok so i have config.php, in this i need a var to be set as $bannedips

 

and in index.php the banned ips need to be collected from config.php and if the IP is banned a die error should show

 

I need it so that $bannedips is on like this: $bannedips = "1.1.1.1, 2.2.2.2, 3.3.3.3";

 

If its possible to do this not using quotes on each ip this would be useful, most essentially the ips need to be on one line seperated by a comma.

 

Using php 4.4.7

 

Thanks for any help!

[pocobueno1388]

You can do something like this:

 

<?php

$bannedips = "1.1.1.1, 2.2.2.2, 3.3.3.3";
$ips = explode(",", $bannedips);

if (in_array("IP ADDRESS", $ips)){
    
    echo "You are banned!";
exit;
}

?>

[RickyF]

Thanks a lot!

[RickyF]

Similarly, how would i make it so that anything in $bannedurls stops the post being made?

 

$bannedurls = "1.com, 2.com, 3.com";

 

The var for the what the domains are, is $weburl, $weburl would be something like www.site.com

 

$bannedurls = "1.com, 2.com, 3.com";

 

if (in_array(eregi("$bannedurls", $weburl)) {

die ("Your website has been banned.");

}

 

I think it would be something like this.

[pocobueno1388]

Why did you put the eregi() in there? It would be the same exact code, just change the ips to website names.

[RickyF]

$bannedurls = "whatever.com";

$urls = explode(",", $bannedurls);

 

if (in_array("$bannedurls", $urls)){

die ("Your website is banned!");

}

 

This is different, as its part of a form, weburl is the input field being checked.

 

The script needs to ban *whatever.com*, not just whatever.com as people can bypass with www.whater.com or whatever.com/ etc

 

 

Thanks

[pocobueno1388]

<?php

$bannedsites = "1.com, *1.com*";
$sites = explode(",", $bannedsites);

if (in_array("IP ADDRESS", $sites)){
    
    echo "You are banned!";
exit;
}

?>

[RickyF]

Thanks, working, is there a way to make it so that spaces after commas dont stop the validation from working?

 

$var = "1,2,3"; works

$var = "1, 2, 3"; doesnt

[pocobueno1388]

<?php

$bannedsites = "1.com, *1.com*";
$sites = explode(", ", $bannedsites);

if (in_array("IP ADDRESS", $sites)){
    
    echo "You are banned!";
exit;
}

?>

 

That should do it.

[RickyF]

Sorry i think i have confused you.

 

I need the script to be able to ban a website in full, e.g. if i banned site.com, the script should ban any thing with site.com in it, this script doesn't do this, this is why i used eregi in an earlier post to you.

 

Thanks

 

Heres what i currently have:

 

$bannedurls = "website1.com,website2.com,website3.com";

$sites = explode(",", $bannedurls);

if (in_array("$bannedurls", $sites)){
die ("Your website is banned!");
}

[Menekali]

Anyway to expand on this, and ban ip ranges?

[keeB]

$var = "1,2,3"; works

$var = "1, 2, 3"; doesnt

 

http://php.net/trim

[RickyF]

Hi, the ban ips part is working fine, its just the web url banning that isnt working fully

 

as explained, if site.com was banned by the script, and some one tried posting www.site.com it would let them, the script needs to check if anything like site.com is posted, e.g. *site.com*, meaning anything.site.com or www.site.com etc should also be banned.

[ToonMariner]

IP banning is pretty pointless... there are ways around it if they really want to..

 

However in this sitiation if you are going to store lots of ipp addresses or url's I would suggest simply having a table with just one field (a varchar) then in that table store all the ips and urls that are banned.  simply query that table when ever you need to check if the ip address or url is banned.  if the ipa/url is in the table you will get more than 0 results so use that to decide if the action is allowed or not.

[pocobueno1388]

Here you go:

 

<?php

$bannedurls = "website1.com,website2.com,website3.com";
$sites = explode(",", $bannedurls);

//This is the website you are checking to see if it is banned
$check = "website2.com";

foreach ($sites as $site){
    $site = trim($site);
    
    if (strchr($check, $site)){
        echo "You are banned!";
        return FALSE;
    }
}

?>

[RickyF]

Thanks for the script, will try it in a sec.

 

I know things can be bypassed, but the script needs a form of IP banning, i think its a pointless feature too, but its been requested so....

[RickyF]

Warning: in_array() [function.in-array]: Wrong datatype for second argument on line 12

Your ip is banned!

 

$bannedurls = "web1.com,web2.com,web3.com";

[LiamProductions]

Wow, I never knew you could IP ban, thanks for this. 

[Foser]

I find this type of banning system is a bit stupid since, you can change your ip in 5 seconds... 

[RickyF]

I know, i think its stupid too lol, but people seem to want the feature for some reason.

[LiamProductions]

Noob's that spam your forum can't change their ip, I think its clever if you want to ban them of your whole site 

[ToonMariner]

Liam - anyone can change their ip address in seconds - all you need to do is surf via a proxy and your are done. Even 'noobs' can do this it takes seconds to implement it and a couple of minutes to find out how with a google search.

 

There is no real solution to banning people - all you can do is make it as hard as possible for them - I have implemented a quite laboureous system in the past that uses cookies and ipaddresses that was still fairly easy to get round.

 

Forcing someone to logon means they will have to go through the registration process over and over and ultimately you could reference a list of proxy servers too and disable access for them.  Bottom line is all you can do is make it harder for them to circum vent.

[keeB]

Instead of doing a foreach which may have performance implications (and the next method may, as well) you can use the function in_array: http://php.net/in_array

 

I don't know which is faster, but may be easier to read.