Ad:

PHP Discussion Thread
Unsolved
Views: 2427

Nov 18th, 2008

Using simple php redirect script but need to pull information from mysql instead

Expand Post »

I am using the following PHP redirect script for a non-profit website, but because the blocked IP list keeps getting longer and longer, I want to pull the IP information from a simple mysql database that lists only IP addresses that have been blocked. I have tried several different combinations but cannot get them to work. I have an _include.connection.php that works well. The database is maintained using an admin page so adding the IP addresses to the database is no problem. Thanks for any suggestions and help.

PHP Syntax (Toggle Plain Text)
<?php
// the list of banned IPs, including partial IP addresses
$iplist = array("82.128.","82.128.45.248","82.128.45.247","172.194.4.185","82.128.107.164"); 
$ip = getenv("REMOTE_ADDR"); // get the visitors IP address
// echo "$ip";
$found = false;
foreach ($iplist as $value) { // scan the list
  if (strpos($ip, $value) === 0){
    $found = true;
  }
}
 
if ($found == true) {
  echo "top.location = \access_denied.php\";\n"; // page to divert to
}
 
?>
<?php
// the list of banned IPs, including partial IP addresses
$iplist = array("82.128.","82.128.45.248","82.128.45.247","172.194.4.185","82.128.107.164"); 
$ip = getenv("REMOTE_ADDR"); // get the visitors IP address
// echo "$ip";
$found = false;
foreach ($iplist as $value) { // scan the list
  if (strpos($ip, $value) === 0){
    $found = true;
  }
}

if ($found == true) {
  echo "top.location = \access_denied.php\";\n"; // page to divert to
}

?>

seacaptdon

Reputation Points: 10

Solved Threads: 1

Newbie Poster

Offline

6 posts
since Nov 2008

Permalink

Nov 18th, 2008

Re: Using simple php redirect script but need to pull information from mysql instead

Well, actually if you use a database there is much faster way to do your job.

Your code should look something like this. Let's presume your db table is called 'banned' and your column with banned ip's is called ip.

PHP Syntax (Toggle Plain Text)
$db_connect = mysql_connect(host, user, pass);
$db_select = mysql_select_db('banned_ips');
$current_ip = getenv("REMOTE_ADDR");
 
$select = 'SELECT banned.ip FROM banned WHERE ip like "'.$current_ip.'%"';
$run = mysql_query($select, $db_connect);
$result = mysql_num_rows($run);
 
if($result>0)
  {
  header('Location: access_denied.php');
  }
else {$found=false;}
$db_connect = mysql_connect(host, user, pass);
$db_select = mysql_select_db('banned_ips');
$current_ip = getenv("REMOTE_ADDR");

$select = 'SELECT banned.ip FROM banned WHERE ip like "'.$current_ip.'%"';
$run = mysql_query($select, $db_connect);
$result = mysql_num_rows($run);

if($result>0)
  {
  header('Location: access_denied.php');
  }
else {$found=false;}

I think that this should be OK for what you need to accomplish.

Rhyan

Reputation Points: 21

Solved Threads: 26

Posting Whiz in Training

Offline

240 posts
since Oct 2006

Permalink

Nov 18th, 2008

Re: Using simple php redirect script but need to pull information from mysql instead

Thank you very much, I will try this change and let you know. I really appreciate your suggestion.
By the way, I love your city. I really enjoyed your country.

Last edited by seacaptdon; Nov 18th, 2008 at 8:42 pm.

seacaptdon

Reputation Points: 10

Solved Threads: 1

Newbie Poster

Offline

6 posts
since Nov 2008

Permalink

Nov 19th, 2008

Re: Using simple php redirect script but need to pull information from mysql instead

Rhyan,
I used your php script and it worked fine with the mysql database when I included the full IP address such as 123.456.789.011 but when I tried to use a partial IP address such as 123.456. it did not block the IP. I tried it with both 123.456. (with dot) and 123.456 (without dot) because somewhere I remember that it required the last dot.
Any suggestions? Because I need to be able to ban a range of IPs also since some objectionable visitors are on dynamic ISP and their IP changes with every log on.

seacaptdon

Reputation Points: 10

Solved Threads: 1

Newbie Poster

Offline

6 posts
since Nov 2008

Permalink

Nov 20th, 2008

Re: Using simple php redirect script but need to pull information from mysql instead

Hmm...
I analyzed your original script. So i think if we change the SELECT string like this, it will work for you.

PHP Syntax (Toggle Plain Text)
$select = 'SELECT banned.ip  FROM banned WHERE instr("'.$current_ip.'",ip)';
$select = 'SELECT banned.ip  FROM banned WHERE instr("'.$current_ip.'",ip)';

Try it and tell us the result.

Rhyan

Reputation Points: 21

Solved Threads: 26

Posting Whiz in Training

Offline

240 posts
since Oct 2006

Permalink

Nov 20th, 2008

Re: Using simple php redirect script but need to pull information from mysql instead

I tried the script change and it will block a full IP but not a partial IP such as 172.190 or 172.190.
The original script blocked the partial IP but could not access the database and unfortunately I do not know how to fix it.

seacaptdon

Reputation Points: 10

Solved Threads: 1

Newbie Poster

Offline

6 posts
since Nov 2008

Permalink

Nov 21st, 2008

Re: Using simple php redirect script but need to pull information from mysql instead

Click to Expand / Collapse Quote originally posted by seacaptdon ...

I tried the script change and it will block a full IP but not a partial IP such as 172.190 or 172.190.
The original script blocked the partial IP but could not access the database and unfortunately I do not know how to fix it.

This is really strange, because I have tested the code in my server and it works perfectly. Note that it works either with or without the second dot with no problems. Basically what I did was to use same method to match banned ips to current ip as, however using the built-in mysql functions, which is faster than retrieving the complete database into php and then applying search rules on these results.

But if you still insist on usign your code, it should look something like this:

PHP Syntax (Toggle Plain Text)
<?php
 
$result = mysql_query('select ip from banned.ip');
$count = mysql_num_rows($result);
$iplist=array();
for($i=0;$i<$count;$i++)
  {
  $row=mysql_fetch_row($result);
// the list of banned IPs, including partial IP addresses
  $iplist[$i] .= $row['0'];
  }
$ip = getenv("REMOTE_ADDR"); // get the visitors IP address
// echo "$ip";
$found = false;
foreach ($iplist as $value) { // scan the list
  if (strpos($ip, $value) === 0){
    $found = true;
  }
}
 
if ($found == true) {
  echo "top.location = \access_denied.php\";\n"; // page to divert to
}
 
?>
<?php

$result = mysql_query('select ip from banned.ip');
$count = mysql_num_rows($result);
$iplist=array();
for($i=0;$i<$count;$i++)
  {
  $row=mysql_fetch_row($result);
// the list of banned IPs, including partial IP addresses
  $iplist[$i] .= $row['0'];
  }
$ip = getenv("REMOTE_ADDR"); // get the visitors IP address
// echo "$ip";
$found = false;
foreach ($iplist as $value) { // scan the list
  if (strpos($ip, $value) === 0){
    $found = true;
  }
}

if ($found == true) {
  echo "top.location = \access_denied.php\";\n"; // page to divert to
}

?>

Hope it works.

By the way, is this php script part of a javascript, because top.location is not php's function for sending headers?

Last edited by Rhyan; Nov 21st, 2008 at 3:22 am.

Rhyan

Reputation Points: 21

Solved Threads: 26

Posting Whiz in Training

Offline

240 posts
since Oct 2006

Permalink

Nov 21st, 2008

Re: Using simple php redirect script but need to pull information from mysql instead

Thanks again! Actually I prefer the simpler code and I do not know why it would not work when I tested it but I will try the simple code again. Perhaps it had to do with the way I included your script in my web pages using the JavaScript code below which was inserted just above the </head>...

PHP Syntax (Toggle Plain Text)
<SCRIPT TYPE="text/javascript" LANGUAGE="javascript" SRC="_includes/ip_redirect.php">
</SCRIPT>
<SCRIPT TYPE="text/javascript" LANGUAGE="javascript" SRC="_includes/ip_redirect.php">
</SCRIPT>

or would it be better to use a php code such as

PHP Syntax (Toggle Plain Text)
<?php include("_includes/ip_redirect.php"); ?>
<?php include("_includes/ip_redirect.php"); ?>

Again, thanks for your help and as I said, I would much prefer the most simple way to do it. Also it occurred to me that maybe I should include your code in the head of my web page instead and use it that way, but is that the most awkward way to do it?

Thanks, Donald

seacaptdon

Reputation Points: 10

Solved Threads: 1

Newbie Poster

Offline

6 posts
since Nov 2008

This thread is more than three months old

No one has posted to this discussion for at least three months. Please let old threads die and do not reply to them unless you feel you have something new and valuable to contribute that absolutely must be added to make the discussion complete. Otherwise, please start a new thread in this forum instead.

Previous Thread in PHP Forum Timeline: Email addresses showing as text. How to turn them into hyperlinks?

Next Thread in PHP Forum Timeline: php -> classes problem

DaniWeb Message

Cancel Changes

User Name
Password