Help on this appreciated

*Dean B* · 09-10-1999, 07:52 AM

Hi all,
I 'borrowed' the below snippet of code from Phorum to enable me to ban certain jerks from my golfing ladders. Unfortunately this morning I found I needed to use it but on testing it using my own ip I found it would still allow me to join. Can anyone spot the fault for me coz I can't

Code Sample:

 

  require(&quot;bad_hosts.inc&quot;

  $host = getenv('REMOTE_HOST');

     if (!$host) {

          $host = getenv('REMOTE_ADDR');    

        }

  

  $host = @GetHostByAddr($host);



  $cnt=count($hosts);

  for($x=0;$x<$cnt;$x++) {

     if (ereg($hosts[$x],$host)) {

         echo&quot;Go play on the freeway,jerk&quot;;



      exit();

       }

    }

and the contents of bad_hosts.inc (uploaded in ascii)

Code Sample:

 

<?PHP

  // to use this file add a line like this:

  // $hosts[]=&quot;the.bad.host.name.com&quot;;

  // regexp can be used to disallow entire networks:

  // $hosts[]=&quot;^555.555.555&quot;;

  // would disallow anyone with an IP that starts with 555.555.555.

  // use the address resolved as the host of the poster 

     $hosts[]=&quot;^194.168.10&quot;;

  // $hosts[]=&quot;cableol.net&quot;;

  // $hosts[]=&quot;DMCITY&quot;;

?>

I know it's kinda extreme banning entire networks but in the event of someone using the same isp I can always add them manually.
Any fast fix ideas mucho appreciated.

------------------
Regards, Dean.
**DMCity**
www.dmcity.com
**********

*Dean B* · 09-11-1999, 07:26 AM

No one help me on this ?

Justin · 09-11-1999, 06:54 PM

Hm...

Code Sample:

 

<?



# Just include this file at the top of any file you wish to disallow access from the below IP's.



# Set up our array of bad hosts

$banned = array (&quot;192.127.1.1&quot;, &quot;205.134.22.1&quot;, &quot;208.192.23.&quot;



# Note that you can just put &quot;208.192.23.&quot; and it will ban the entire C-block.



# Get remote IP

$host = $HTTP_REMOTE_ADDR;



# Walk through the bad hosts

for ($i = 0; $i < count ($banned); $i++) {

   if (ereg (&quot;^$banned[$i]&quot;, $host)) {

      print &quot;Beggar OFF!&quot;;

      exit;

   }



}



?>

I haven't tested this or anything, but it should work. Then just include it at the top of any PHP file you want them banned from, and they will not be allowed to access that file.

Hope this helps.

------------------
Justin Nelson
FutureQuest Support

*Dean B* · 09-12-1999, 09:19 AM

Justin,
Thx for your suggestion but for some reason it doesn't work

Tried it on a test page but just throws a blank screen. Using the below -

Code Sample:

 

<html>

<body>

<?php



# Set up our array of bad hosts

$banned = array (&quot;194.168.10.&quot;



# Note that you can just put &quot;208.192.23.&quot; and it will ban the entire C-block.



# Get remote IP

$host = $HTTP_REMOTE_ADDR;



# Walk through the bad hosts

for ($i = 0; $i < count ($banned); $i++) {

   if (ereg (&quot;^$banned[$i]&quot;, $host)) {

      print &quot;Beggar OFF!&quot;;

      exit;

   }



}





?>

</body>

</html>

Page at - http://www.dmcity.com/ladder/dmcpstk/ipban.php3

Dean.

Justin · 09-12-1999, 11:58 AM

The key here is that if it's good (ie, an allowed IP), it will produce no output - it is meant to go at the top of a PHP page. If the IP is bad it prints "Beggar OFF!" and dies, otherwise allows the PHP script below it to continue. This would work if you paste the code at the top of another PHP page or if you simply include() it...

Also, I'm not sure if the array() function likes having just one item in the list - try it with a second IP (like 255.255.255.255 or otherwise invalid/unlikely) and see if that works - it may be dying at that point and just not sending an error message (a minor but annoying bug in the current version on the servers).

Lemme know if that helps any...

<edit>
I think I just realized a potential problem - it is going to take the "."'s in the IP as a regular expression pattern - ie, matching any character... escape the dots...

(I hate that the UBB doesn't show the full post when editing - grrr - guessing here)

$bad = array ('192\.245\.12\.', '208\.135\.13\.34');

Something like that... using single quotes so that the slashes remain intact.

I'll run some tests later on (after some sleep) and come up with what will work

</edit>

------------------
Justin Nelson
FutureQuest Support

--
Escape the *** **** dots!
[This message has been edited by Justin (edited 09-12-99)]

*Dean B* · 09-12-1999, 02:08 PM

Justin,
I found the problem;

$host = $HTTP_REMOTE_ADDR;
doesn't work

$host = $REMOTE_ADDR;
does

Thx bud.