PHP ban script

Re: PHP ban script

On Mon, 08 May 2006 05:33:41 GMT, "carmen" <dddd@kkdi.ck a> wrote:
[color=blue]
>Hello
>
>I came across a php script on the net that will compare a web surfers IP
>address to those in a text file. If a match or partial match is found, the
>user is banned from accessing the php script, but if no match is found, the
>php script executes.[/color]

For starters, this is something that would be much more efficient if
it were using a database as opposed to a group of text files. I
mention this primarily because you do seem to be concerned about
efficiency.
[color=blue]
>The original script is as follows:
>
>line 1 <?php
>line 2 $IP = $_SERVER['REMOTE_ADDR'];
>line 3 $IP_array = file('../folder/IP.dat');
>line 4 $IP_array = str_replace("\n ", "", $IP_array);
>line 5 $IP_array = str_replace("\r ", "", $IP_array);
>line 6 foreach ($IP_array as $IP_test) {
>line 7 if (substr_count($ IP, $IP_test) != "0") {
>line 8
>line 9 echo 'Banned World!';
>line 10
>line 11 die();
>line 12 }
>line 13 }
>line 14
>line 15 echo 'Hello World!';
>line 16
>line 17 ?>
>
>I currently have not one text file with banned addresses, but five different
>one (eg IP.dat, IP1.dat, IP2.dat, IP3.dat, IP4.dat) and was wondering if
>there was an easy way of changing the code so that it efficiently checks the
>surfers IP address to all the IPx.dat files to see if it is banned? I could
>simply replicate the code 5 times to check each file, but if there was a way
>of just looping through the various files, that would be great.[/color]

<?php
for ($i = 1; $i <= 5; $i++) {
$ipArray = file('../folder/IP' . $i . '.dat');
$ipArray = preg_replace("/[\r\n]/", '', $ipArray);
if (in_array($_SER VER['REMOTE_ADDR'], $ipArray)) {
die('Banned');
}
}
echo 'Hello, world!';
?>
[color=blue]
>I know I could merge the 5 IPx.dat files into a single one and not have to
>worry about this, but for management purposes of the bans, it works a lot
>better for me having the 5 distinct files.[/color]

I would still suggest looking into a database solution if you can,
especially if you're getting decent traffic. Hitting 5 extra files per
pageload is not at all efficient compared to sending a query to a
database that caches things to RAM.

hth

-
Remove mypants to email.
<http://www.shaunc.com/>

Re: PHP ban script

Message-ID: <flmt5213gdjtso a0f9g0671cahmr8 b70to@4ax.com> from Shaun
contained the following:
[color=blue][color=green]
>>I came across a php script on the net that will compare a web surfers IP
>>address to those in a text file. If a match or partial match is found, the
>>user is banned from accessing the php script, but if no match is found, the
>>php script executes.[/color]
>
>For starters, this is something that would be much more efficient if
>it were using a database as opposed to a group of text files. I
>mention this primarily because you do seem to be concerned about
>efficiency.[/color]

For seconds, it is assuming that IP is a unique identifier. It isn't.

--
Geoff Berrow 011000100110110 0010000000110
001101101011011 001000110111101 100111001011
100110001101101 111001011100111 010101101011

Re: PHP ban script

Thank you for your help, this worked great.

You are correct about the database method being faster, but I'm looking
forward to seeing what kind of speed this script will run at as I do want to
apply it to all my websites and if I can avoid having to setup databases, it
will allow faster implementation. If not, I'll go the database route.

Thanks again.

"Shaun" <shaun@mypants. drunkwerks.com> wrote in message
news:flmt5213gd jtsoa0f9g0671ca hmr8b70to@4ax.c om...[color=blue]
> On Mon, 08 May 2006 05:33:41 GMT, "carmen" <dddd@kkdi.ck a> wrote:
>[color=green]
>>Hello
>>
>>I came across a php script on the net that will compare a web surfers IP
>>address to those in a text file. If a match or partial match is found,
>>the
>>user is banned from accessing the php script, but if no match is found,
>>the
>>php script executes.[/color]
>
> For starters, this is something that would be much more efficient if
> it were using a database as opposed to a group of text files. I
> mention this primarily because you do seem to be concerned about
> efficiency.
>[color=green]
>>The original script is as follows:
>>
>>line 1 <?php
>>line 2 $IP = $_SERVER['REMOTE_ADDR'];
>>line 3 $IP_array = file('../folder/IP.dat');
>>line 4 $IP_array = str_replace("\n ", "", $IP_array);
>>line 5 $IP_array = str_replace("\r ", "", $IP_array);
>>line 6 foreach ($IP_array as $IP_test) {
>>line 7 if (substr_count($ IP, $IP_test) != "0") {
>>line 8
>>line 9 echo 'Banned World!';
>>line 10
>>line 11 die();
>>line 12 }
>>line 13 }
>>line 14
>>line 15 echo 'Hello World!';
>>line 16
>>line 17 ?>
>>
>>I currently have not one text file with banned addresses, but five
>>different
>>one (eg IP.dat, IP1.dat, IP2.dat, IP3.dat, IP4.dat) and was wondering if
>>there was an easy way of changing the code so that it efficiently checks
>>the
>>surfers IP address to all the IPx.dat files to see if it is banned? I
>>could
>>simply replicate the code 5 times to check each file, but if there was a
>>way
>>of just looping through the various files, that would be great.[/color]
>
> <?php
> for ($i = 1; $i <= 5; $i++) {
> $ipArray = file('../folder/IP' . $i . '.dat');
> $ipArray = preg_replace("/[\r\n]/", '', $ipArray);
> if (in_array($_SER VER['REMOTE_ADDR'], $ipArray)) {
> die('Banned');
> }
> }
> echo 'Hello, world!';
> ?>
>[color=green]
>>I know I could merge the 5 IPx.dat files into a single one and not have to
>>worry about this, but for management purposes of the bans, it works a lot
>>better for me having the 5 distinct files.[/color]
>
> I would still suggest looking into a database solution if you can,
> especially if you're getting decent traffic. Hitting 5 extra files per
> pageload is not at all efficient compared to sending a query to a
> database that caches things to RAM.
>
> hth
>
> -
> Remove mypants to email.
> <http://www.shaunc.com/>[/color]

Re: PHP ban script

Hello Shaun

Could you confirm, does the code you provided ban based on partial IP
addresses similar to the original script? I did try it a couple of times to
see if i could get it to ban based on a partial match of my IP address, but
no luck.

For example, if ip1.dat had 1.2.3 as one ip address, it would ban anyone
coming to the site with an ip of 1.2.3.4, 1.2.3.5, 1.2.3.6, etc, or if
ip1.dat had 1.2, it would ban 1.2.3.4, 1.2.5.6, etc

thx


"Shaun" <shaun@mypants. drunkwerks.com> wrote in message
news:flmt5213gd jtsoa0f9g0671ca hmr8b70to@4ax.c om...[color=blue]
> On Mon, 08 May 2006 05:33:41 GMT, "carmen" <dddd@kkdi.ck a> wrote:
>[color=green]
>>Hello
>>
>>I came across a php script on the net that will compare a web surfers IP
>>address to those in a text file. If a match or partial match is found,
>>the
>>user is banned from accessing the php script, but if no match is found,
>>the
>>php script executes.[/color]
>
> For starters, this is something that would be much more efficient if
> it were using a database as opposed to a group of text files. I
> mention this primarily because you do seem to be concerned about
> efficiency.
>[color=green]
>>The original script is as follows:
>>
>>line 1 <?php
>>line 2 $IP = $_SERVER['REMOTE_ADDR'];
>>line 3 $IP_array = file('../folder/IP.dat');
>>line 4 $IP_array = str_replace("\n ", "", $IP_array);
>>line 5 $IP_array = str_replace("\r ", "", $IP_array);
>>line 6 foreach ($IP_array as $IP_test) {
>>line 7 if (substr_count($ IP, $IP_test) != "0") {
>>line 8
>>line 9 echo 'Banned World!';
>>line 10
>>line 11 die();
>>line 12 }
>>line 13 }
>>line 14
>>line 15 echo 'Hello World!';
>>line 16
>>line 17 ?>
>>
>>I currently have not one text file with banned addresses, but five
>>different
>>one (eg IP.dat, IP1.dat, IP2.dat, IP3.dat, IP4.dat) and was wondering if
>>there was an easy way of changing the code so that it efficiently checks
>>the
>>surfers IP address to all the IPx.dat files to see if it is banned? I
>>could
>>simply replicate the code 5 times to check each file, but if there was a
>>way
>>of just looping through the various files, that would be great.[/color]
>
> <?php
> for ($i = 1; $i <= 5; $i++) {
> $ipArray = file('../folder/IP' . $i . '.dat');
> $ipArray = preg_replace("/[\r\n]/", '', $ipArray);
> if (in_array($_SER VER['REMOTE_ADDR'], $ipArray)) {
> die('Banned');
> }
> }
> echo 'Hello, world!';
> ?>
>[color=green]
>>I know I could merge the 5 IPx.dat files into a single one and not have to
>>worry about this, but for management purposes of the bans, it works a lot
>>better for me having the 5 distinct files.[/color]
>
> I would still suggest looking into a database solution if you can,
> especially if you're getting decent traffic. Hitting 5 extra files per
> pageload is not at all efficient compared to sending a query to a
> database that caches things to RAM.
>
> hth
>
> -
> Remove mypants to email.
> <http://www.shaunc.com/>[/color]

Re: PHP ban script

carmen wrote:[color=blue]
> Hello
>
> I came across a php script on the net that will compare a web surfers IP
> address to those in a text file. If a match or partial match is found, the
> user is banned from accessing the php script, but if no match is found, the
> php script executes.[/color]

And if they come from AOL, via a proxy you *could* be banning thousands
of users. Since they're using AOL it's probably not an issue, but if
you're selling penis enlargement/fat busting pills then you could be
loosing the majority of your business.

Re: PHP ban script

[color=blue]
> And if they come from AOL, via a proxy you *could* be banning
> thousands
> of users. Since they're using AOL it's probably not an issue, but if
> you're selling penis enlargement/fat busting pills then you could be
> loosing the majority of your business.[/color]

LOL. Also, if I disconnect from my provider and a friend logs in at
the same provider, the IP might be my old one. So, you should make IPs
invalid after a time of, say 1 hour or so...