I am using the following PHP redirect script for a non-profit website, but because the blocked IP list keeps getting longer and longer, I want to pull the IP information from a simple mysql database that lists only IP addresses that have been blocked. I have tried several different combinations but cannot get them to work. I have an _include.connection.php that works well. The database is maintained using an admin page so adding the IP addresses to the database is no problem. Thanks for any suggestions and help.

<?php
// the list of banned IPs, including partial IP addresses
$iplist = array("82.128.","82.128.45.248","82.128.45.247","172.194.4.185","82.128.107.164"); 
$ip = getenv("REMOTE_ADDR"); // get the visitors IP address
// echo "$ip";
$found = false;
foreach ($iplist as $value) { // scan the list
  if (strpos($ip, $value) === 0){
    $found = true;
  }
}

if ($found == true) {
  echo "top.location = \access_denied.php\";\n"; // page to divert to
}

?>

Well, actually if you use a database there is much faster way to do your job.

Your code should look something like this. Let's presume your db table is called 'banned' and your column with banned ip's is called ip.

$db_connect = mysql_connect(host, user, pass);
$db_select = mysql_select_db('banned_ips');
$current_ip = getenv("REMOTE_ADDR");

$select = 'SELECT banned.ip FROM banned WHERE ip like "'.$current_ip.'%"';
$run = mysql_query($select, $db_connect);
$result = mysql_num_rows($run);

if($result>0)
  {
  header('Location: access_denied.php');
  }
else {$found=false;}

I think that this should be OK for what you need to accomplish.

Thank you very much, I will try this change and let you know. I really appreciate your suggestion.
By the way, I love your city. I really enjoyed your country.

Rhyan,
I used your php script and it worked fine with the mysql database when I included the full IP address such as 123.456.789.011 but when I tried to use a partial IP address such as 123.456. it did not block the IP. I tried it with both 123.456. (with dot) and 123.456 (without dot) because somewhere I remember that it required the last dot.
Any suggestions? Because I need to be able to ban a range of IPs also since some objectionable visitors are on dynamic ISP and their IP changes with every log on.

Hmm...
I analyzed your original script. So i think if we change the SELECT string like this, it will work for you.

$select = 'SELECT banned.ip  FROM banned WHERE instr("'.$current_ip.'",ip)';

Try it and tell us the result.

I tried the script change and it will block a full IP but not a partial IP such as 172.190 or 172.190.
The original script blocked the partial IP but could not access the database and unfortunately I do not know how to fix it.

I tried the script change and it will block a full IP but not a partial IP such as 172.190 or 172.190.
The original script blocked the partial IP but could not access the database and unfortunately I do not know how to fix it.

This is really strange, because I have tested the code in my server and it works perfectly. Note that it works either with or without the second dot with no problems. Basically what I did was to use same method to match banned ips to current ip as, however using the built-in mysql functions, which is faster than retrieving the complete database into php and then applying search rules on these results.

But if you still insist on usign your code, it should look something like this:

<?php

$result = mysql_query('select ip from banned.ip');
$count = mysql_num_rows($result);
$iplist=array();
for($i=0;$i<$count;$i++)
  {
  $row=mysql_fetch_row($result);
// the list of banned IPs, including partial IP addresses
  $iplist[$i] .= $row['0'];
  }
$ip = getenv("REMOTE_ADDR"); // get the visitors IP address
// echo "$ip";
$found = false;
foreach ($iplist as $value) { // scan the list
  if (strpos($ip, $value) === 0){
    $found = true;
  }
}

if ($found == true) {
  echo "top.location = \access_denied.php\";\n"; // page to divert to
}

?>

Hope it works.

By the way, is this php script part of a javascript, because top.location is not php's function for sending headers?

Thanks again! Actually I prefer the simpler code and I do not know why it would not work when I tested it but I will try the simple code again. Perhaps it had to do with the way I included your script in my web pages using the JavaScript code below which was inserted just above the </head>...

<SCRIPT TYPE="text/javascript" LANGUAGE="javascript" SRC="_includes/ip_redirect.php">
</SCRIPT>

or would it be better to use a php code such as

<?php include("_includes/ip_redirect.php"); ?>

Again, thanks for your help and as I said, I would much prefer the most simple way to do it. Also it occurred to me that maybe I should include your code in the head of my web page instead and use it that way, but is that the most awkward way to do it?

Thanks, Donald

This article has been dead for over six months. Start a new discussion instead.