Home > Archive > PHP Language > May 2006 > PHP ban script
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
|
|
| carmen 2006-05-08, 3:58 am |
| Hello
I came across a php script on the net that will compare a web surfers IP
address to those in a text file. If a match or partial match is found, the
user is banned from accessing the php script, but if no match is found, the
php script executes.
The original script is as follows:
line 1 <?php
line 2 $IP = $_SERVER['REMOTE_ADDR'];
line 3 $IP_array = file('../folder/IP.dat');
line 4 $IP_array = str_replace("\n", "", $IP_array);
line 5 $IP_array = str_replace("\r", "", $IP_array);
line 6 foreach ($IP_array as $IP_test) {
line 7 if (substr_count($IP, $IP_test) != "0") {
line 8
line 9 echo 'Banned World!';
line 10
line 11 die();
line 12 }
line 13 }
line 14
line 15 echo 'Hello World!';
line 16
line 17 ?>
I currently have not one text file with banned addresses, but five different
one (eg IP.dat, IP1.dat, IP2.dat, IP3.dat, IP4.dat) and was wondering if
there was an easy way of changing the code so that it efficiently checks the
surfers IP address to all the IPx.dat files to see if it is banned? I could
simply replicate the code 5 times to check each file, but if there was a way
of just looping through the various files, that would be great.
I know I could merge the 5 IPx.dat files into a single one and not have to
worry about this, but for management purposes of the bans, it works a lot
better for me having the 5 distinct files.
Thank you
| |
|
| On Mon, 08 May 2006 05:33:41 GMT, "carmen" <dddd@kkdi.cka> wrote:
>Hello
>
>I came across a php script on the net that will compare a web surfers IP
>address to those in a text file. If a match or partial match is found, the
>user is banned from accessing the php script, but if no match is found, the
>php script executes.
For starters, this is something that would be much more efficient if
it were using a database as opposed to a group of text files. I
mention this primarily because you do seem to be concerned about
efficiency.
>The original script is as follows:
>
>line 1 <?php
>line 2 $IP = $_SERVER['REMOTE_ADDR'];
>line 3 $IP_array = file('../folder/IP.dat');
>line 4 $IP_array = str_replace("\n", "", $IP_array);
>line 5 $IP_array = str_replace("\r", "", $IP_array);
>line 6 foreach ($IP_array as $IP_test) {
>line 7 if (substr_count($IP, $IP_test) != "0") {
>line 8
>line 9 echo 'Banned World!';
>line 10
>line 11 die();
>line 12 }
>line 13 }
>line 14
>line 15 echo 'Hello World!';
>line 16
>line 17 ?>
>
>I currently have not one text file with banned addresses, but five different
>one (eg IP.dat, IP1.dat, IP2.dat, IP3.dat, IP4.dat) and was wondering if
>there was an easy way of changing the code so that it efficiently checks the
>surfers IP address to all the IPx.dat files to see if it is banned? I could
>simply replicate the code 5 times to check each file, but if there was a way
>of just looping through the various files, that would be great.
<?php
for ($i = 1; $i <= 5; $i++) {
$ipArray = file('../folder/IP' . $i . '.dat');
$ipArray = preg_replace("/[\r\n]/", '', $ipArray);
if (in_array($_SERVER['REMOTE_ADDR'], $ipArray)) {
die('Banned');
}
}
echo 'Hello, world!';
?>
>I know I could merge the 5 IPx.dat files into a single one and not have to
>worry about this, but for management purposes of the bans, it works a lot
>better for me having the 5 distinct files.
I would still suggest looking into a database solution if you can,
especially if you're getting decent traffic. Hitting 5 extra files per
pageload is not at all efficient compared to sending a query to a
database that caches things to RAM.
hth
-
Remove mypants to email.
<http://www.shaunc.com/>
| |
| Geoff Berrow 2006-05-08, 3:58 am |
| Message-ID: <flmt5213gdjtsoa0f9g0671cahmr8b70to@4ax.com> from Shaun
contained the following:
>
>For starters, this is something that would be much more efficient if
>it were using a database as opposed to a group of text files. I
>mention this primarily because you do seem to be concerned about
>efficiency.
For seconds, it is assuming that IP is a unique identifier. It isn't.
--
Geoff Berrow 0110001001101100010000000110
0011011010110110010001101111011001110010
11
1001100011011011110010111001110101011010
11
| |
| carmen 2006-05-08, 3:58 am |
| Thank you for your help, this worked great.
You are correct about the database method being faster, but I'm looking
forward to seeing what kind of speed this script will run at as I do want to
apply it to all my websites and if I can avoid having to setup databases, it
will allow faster implementation. If not, I'll go the database route.
Thanks again.
"Shaun" <shaun@mypants.drunkwerks.com> wrote in message
news:flmt5213gdjtsoa0f9g0671cahmr8b70to@
4ax.com...
> On Mon, 08 May 2006 05:33:41 GMT, "carmen" <dddd@kkdi.cka> wrote:
>
>
> For starters, this is something that would be much more efficient if
> it were using a database as opposed to a group of text files. I
> mention this primarily because you do seem to be concerned about
> efficiency.
>
>
> <?php
> for ($i = 1; $i <= 5; $i++) {
> $ipArray = file('../folder/IP' . $i . '.dat');
> $ipArray = preg_replace("/[\r\n]/", '', $ipArray);
> if (in_array($_SERVER['REMOTE_ADDR'], $ipArray)) {
> die('Banned');
> }
> }
> echo 'Hello, world!';
> ?>
>
>
> I would still suggest looking into a database solution if you can,
> especially if you're getting decent traffic. Hitting 5 extra files per
> pageload is not at all efficient compared to sending a query to a
> database that caches things to RAM.
>
> hth
>
> -
> Remove mypants to email.
> <http://www.shaunc.com/>
| |
| carmen 2006-05-08, 3:58 am |
| Hello Shaun
Could you confirm, does the code you provided ban based on partial IP
addresses similar to the original script? I did try it a couple of times to
see if i could get it to ban based on a partial match of my IP address, but
no luck.
For example, if ip1.dat had 1.2.3 as one ip address, it would ban anyone
coming to the site with an ip of 1.2.3.4, 1.2.3.5, 1.2.3.6, etc, or if
ip1.dat had 1.2, it would ban 1.2.3.4, 1.2.5.6, etc
thx
"Shaun" <shaun@mypants.drunkwerks.com> wrote in message
news:flmt5213gdjtsoa0f9g0671cahmr8b70to@
4ax.com...
> On Mon, 08 May 2006 05:33:41 GMT, "carmen" <dddd@kkdi.cka> wrote:
>
>
> For starters, this is something that would be much more efficient if
> it were using a database as opposed to a group of text files. I
> mention this primarily because you do seem to be concerned about
> efficiency.
>
>
> <?php
> for ($i = 1; $i <= 5; $i++) {
> $ipArray = file('../folder/IP' . $i . '.dat');
> $ipArray = preg_replace("/[\r\n]/", '', $ipArray);
> if (in_array($_SERVER['REMOTE_ADDR'], $ipArray)) {
> die('Banned');
> }
> }
> echo 'Hello, world!';
> ?>
>
>
> I would still suggest looking into a database solution if you can,
> especially if you're getting decent traffic. Hitting 5 extra files per
> pageload is not at all efficient compared to sending a query to a
> database that caches things to RAM.
>
> hth
>
> -
> Remove mypants to email.
> <http://www.shaunc.com/>
| |
| Treefrog 2006-05-08, 6:59 pm |
| carmen wrote:
> Hello
>
> I came across a php script on the net that will compare a web surfers IP
> address to those in a text file. If a match or partial match is found, the
> user is banned from accessing the php script, but if no match is found, the
> php script executes.
And if they come from AOL, via a proxy you *could* be banning thousands
of users. Since they're using AOL it's probably not an issue, but if
you're selling penis enlargement/fat busting pills then you could be
loosing the majority of your business.
| |
| Gernot Frisch 2006-05-08, 6:59 pm |
|
> And if they come from AOL, via a proxy you *could* be banning
> thousands
> of users. Since they're using AOL it's probably not an issue, but if
> you're selling penis enlargement/fat busting pills then you could be
> loosing the majority of your business.
LOL. Also, if I disconnect from my provider and a friend logs in at
the same provider, the IP might be my old one. So, you should make IPs
invalid after a time of, say 1 hour or so...
|
|
|
|
|