[advanced search]
 

Go Back   NamePros.com > Discussion > Web Design & Development > Programming

Programming PHP, Perl, Ruby on Rails, AJAX, HTML, XHTML, CSS, JavaScript, MySQL and any other coding topics.


Closed Thread
 
LinkBack Thread Tools
Old 05-08-2007, 08:26 AM   #1 (permalink)
NamePros Regular
 
TwiztedFake's Avatar
 
Join Date: Apr 2004
Location: IL
Posts: 339
50.00 NP$ (Donate)

TwiztedFake is on a distinguished road


PHP IP block

I wanting to create a better ip blocker but can't seem to figure it out.

First here is the code that I get the ip with
PHP Code:
$ip = ($_SERVER['HTTP_X_FORWARDED_FOR'])
    ?  
$_SERVER['HTTP_X_FORWARDED_FOR']
    :  
$_SERVER['REMOTE_ADDR'];
This is a sample of the $ip output after that line
$ip = "216.86.152.216";

When an ip is blocked it is added to a table in the database. When the page is accessed it checks for the ip output from the above line against what is in the table.

PHP Code:
$query=mysql_query("SELECT * FROM bans WHERE banip LIKE '%$ip%'", $c);
$count=mysql_num_rows($query);
mysql_free_result($query);

if(
$count == 1)
{
    die(
"<b><font color=red size=+1>Your IP has been banned, there is no way around this.</font></b></body></html>");
}
Now here is my problem, for instance if 216.86.152.216 is a banned ip and they have a dynamic ip their next access may be 216.86.152.153. How can I ban the range of an ip without having to redo the input to the db. Is there a way to do it when the ip is checked against the db? For example when I ban 216.86.152.216, I want it to ban all ip's 216.86.152.XXX
__________________
Four Seasons Outfitters
[ 25 $NP/Month ] [ 25 $NP/Month ] [ 25 $NP/Month ]
[ 25 $NP/Month] [ 25 $NP/Month]
TwiztedFake is offline  
Old 05-08-2007, 09:26 AM   #2 (permalink)
Barru.
 
Barrucadu's Avatar
 
Join Date: Aug 2005
Location: East Yorkshire, England
Posts: 2,731
78.50 NP$ (Donate)

Barrucadu is a splendid one to beholdBarrucadu is a splendid one to beholdBarrucadu is a splendid one to beholdBarrucadu is a splendid one to beholdBarrucadu is a splendid one to beholdBarrucadu is a splendid one to beholdBarrucadu is a splendid one to behold


Edit: Oh, I just saw you said without re-doing the db. Ah well...

There is probably a better way than this:
PHP Code:
$remoteAddr = ($_SERVER['HTTP_X_FORWARDED_FOR'])
    ?  
$_SERVER['HTTP_X_FORWARDED_FOR']
    :  
$_SERVER['REMOTE_ADDR'];
$ipBits = explode('.', $remoteAddr);
$ipBits[3] = '*';
$ip = implode('.', $ipBits);
That should output something like "216.86.152.*"
Barrucadu is offline  
Old 05-08-2007, 09:36 AM   #3 (permalink)
NamePros Member
 
jabba_29's Avatar
 
Join Date: Mar 2007
Location: Finland
Posts: 29
5.00 NP$ (Donate)

jabba_29 is an unknown quantity at this point


There will most definitely be tidier ways of doing this, but
PHP Code:
<?php
$ip
= '216.86.152.216';
$ex   = explode( ".", $ip );
$last = end( $ex );
$ip = str_replace($last .'.', '', $ip);
__________________
Regards Jamie

Let the might of your compassion arise to bring a quick end
to the flowing stream of the blood and tears .....
Please hear my anguished words of truth.

Last edited by jabba_29; 05-08-2007 at 10:00 AM.
jabba_29 is offline  
Old 05-08-2007, 09:36 AM   #4 (permalink)
Senior Member
 
champ_rock's Avatar
 
Join Date: Oct 2006
Location: http://akshayjain.org
Posts: 2,768
8,037.05 NP$ (Donate)

champ_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond repute


any way to do that without using any databases? like using a text file to list all the ip addresses that u need blocking..?
__________________
Akshay Jain
......................
champ_rock is offline  
Old 05-08-2007, 10:03 AM   #5 (permalink)
NamePros Member
 
jabba_29's Avatar
 
Join Date: Mar 2007
Location: Finland
Posts: 29
5.00 NP$ (Donate)

jabba_29 is an unknown quantity at this point


Of course.

If you use file() you can open a text file as an array.
Using in_array from there should do the trick.

What exactly do you need to know?
What is your coding level?...

Do you need to know how to write the files or have you got something concrete already?
__________________
Regards Jamie

Let the might of your compassion arise to bring a quick end
to the flowing stream of the blood and tears .....
Please hear my anguished words of truth.
jabba_29 is offline  
Old 05-08-2007, 10:17 AM   #6 (permalink)
Senior Member
 
champ_rock's Avatar
 
Join Date: Oct 2006
Location: http://akshayjain.org
Posts: 2,768
8,037.05 NP$ (Donate)

champ_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond repute


Quote:
Originally Posted by jabba_29
Of course.

If you use file() you can open a text file as an array.
Using in_array from there should do the trick.

What exactly do you need to know?
What is your coding level?...

Do you need to know how to write the files or have you got something concrete already?
my coding level is less than a Noob. i know about arrays, file(), foreach and some others.

can u please give me a proper code which i can insert in my already existing php files and use a text file to list out all the ip addresses that i need banned?
__________________
Akshay Jain
......................
champ_rock is offline  
Old 05-08-2007, 10:25 AM   #7 (permalink)
Traveller
 
-NC-'s Avatar
 
Join Date: Mar 2007
Location: Yet another city
Posts: 1,392
614.57 NP$ (Donate)

-NC- has much to be proud of-NC- has much to be proud of-NC- has much to be proud of-NC- has much to be proud of-NC- has much to be proud of-NC- has much to be proud of-NC- has much to be proud of-NC- has much to be proud of-NC- has much to be proud of-NC- has much to be proud of

Animal Cruelty Animal Rescue Ethan Allen Fund Protect Our Planet
Quote:
Originally Posted by Mikor
PHP Code:
$ipBits = explode('.', $remoteAddr);
$ipBits[3] = '*';
$ip = implode('.', $ipBits);
To make the query LIKE statement work, it might need to be:

PHP Code:
$ipBits = explode('.', $remoteAddr);
$ipBits[3] = '';
$ip = implode('.', $ipBits);
(no * in second line)



BTW Twizted, you could probably go a bit easier on your DB by doing:

banip LIKE '$ip%'"

(No percent sign at the start)

This assumes your `banip` field contains only a single IP, with no whitespace.
-NC- is offline  
Old 05-08-2007, 01:03 PM   #8 (permalink)
NamePros Regular
 
monaco's Avatar
 
Join Date: Jul 2005
Location: Tucson, AZ
Posts: 695
314.80 NP$ (Donate)

monaco will become famous soon enough


Why do you want to do this in PHP? Why not just use the .htaccess file to prevent access from certain IP blocks? That way you don't need to waste server resources handling the request and passing it to PHP, since it's handled by the httpd.
__________________
My Website | My Blog
monaco is offline  
Old 05-08-2007, 05:02 PM   #9 (permalink)
NamePros Regular
 
TwiztedFake's Avatar
 
Join Date: Apr 2004
Location: IL
Posts: 339
50.00 NP$ (Donate)

TwiztedFake is on a distinguished road


Quote:
Originally Posted by RCRiver
To make the query LIKE statement work, it might need to be:

PHP Code:
$ipBits = explode('.', $remoteAddr);
$ipBits[3] = '';
$ip = implode('.', $ipBits);
(no * in second line)



BTW Twizted, you could probably go a bit easier on your DB by doing:

banip LIKE '$ip%'"

(No percent sign at the start)

This assumes your `banip` field contains only a single IP, with no whitespace.
Yes a single ip is stored per entry to the db.

Quote:
Why do you want to do this in PHP? Why not just use the .htaccess file to prevent access from certain IP blocks? That way you don't need to waste server resources handling the request and passing it to PHP, since it's handled by the httpd.
Well some of the blocks are done with .htaccess, some are done via php. The reason for this is that this is used on an rpg game, Permant blocks are done through .htaccess, the ones that are done through php are timed blocks, that are reset by a cron job based on the time frame the ban was set for.
__________________
Four Seasons Outfitters
[ 25 $NP/Month ] [ 25 $NP/Month ] [ 25 $NP/Month ]
[ 25 $NP/Month] [ 25 $NP/Month]
TwiztedFake is offline  
Old 05-08-2007, 07:09 PM   #10 (permalink)
Senior Member
 
champ_rock's Avatar
 
Join Date: Oct 2006
Location: http://akshayjain.org
Posts: 2,768
8,037.05 NP$ (Donate)

champ_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond repute


well in my case i use a Centos VPS and it does not seem to take any command from the .htaccess file.. it does not even redirect www. to the root of my site

therefore without .htaccess working i think php is the only way i can achieve it
__________________
Akshay Jain
......................
champ_rock is offline  
Old 05-09-2007, 03:17 PM   #11 (permalink)
NamePros Regular
 
Join Date: Feb 2006
Posts: 588
1,620.95 NP$ (Donate)

jerometan is a name known to alljerometan is a name known to alljerometan is a name known to alljerometan is a name known to alljerometan is a name known to alljerometan is a name known to all


You can install APF Firewall.

Just get your application to execute "apf -d IP.IP.IP.0/24".
Will block the whole range of IP.IP.IP.*
jerometan is offline  
Old 05-09-2007, 08:39 PM   #12 (permalink)
Senior Member
 
champ_rock's Avatar
 
Join Date: Oct 2006
Location: http://akshayjain.org
Posts: 2,768
8,037.05 NP$ (Donate)

champ_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond reputechamp_rock has a reputation beyond repute


please tell me what command should i write in YUM to install apf firewall?
__________________
Akshay Jain
......................
champ_rock is offline  
Old 05-10-2007, 01:09 AM   #13 (permalink)
Senior Member
 
Camron's Avatar
 
Join Date: Jan 2006
Location: Portland, Oregon
Posts: 2,059
24.85 NP$ (Donate)

Camron has much to be proud ofCamron has much to be proud ofCamron has much to be proud ofCamron has much to be proud ofCamron has much to be proud ofCamron has much to be proud ofCamron has much to be proud ofCamron has much to be proud ofCamron has much to be proud of

VA Tech Memorial 9/11/01 :: Never Forget Cancer Survivorship Child Abuse
Quote:
Originally Posted by champ_rock
please tell me what command should i write in YUM to install apf firewall?
As far as I know there is no current way to install apf via the yum tool. You can use this reference, it's quite easy to install actually:

http://www.webhostgear.com/61.html
__________________
|| VPSByte Virtual & Dedicated Solutions
|| True 24/7/365 support with a 1 hour guaranteed response time!
|| We offer budget, yet powerful dedicated servers and vps solutions.
|| All servers come w/ 10Mbps unmetered bandwidth & lite management standard.
Camron is offline  
Closed Thread


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Site Sponsors
Advertise your business at NamePros

All times are GMT -7. The time now is 04:24 PM.


Powered by: vBulletin® Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
Search Engine Friendly URLs by vBSEO 3.3.0
Template-Modifications by TMS
vBCredits v1.4 Copyright ©2007 - 2008, PixelFX Studios

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85