Tweaking a script

Re: Tweaking a script

carmen wrote:[color=blue]
> I came across this free script on the net that compares the IP address of a
> surfer to a list (1.list). If there is a match, the surfer gets the message
> banned. If there is no match, the rest of the php script runs.
>
> Is there an easy way to tweak the file so that
> 1. If there is a match of the surfers IP address to one in the list
> (1.list), rather then get a banned message, the rest of the php script runs.
> 2. If the surfers IP address does not match any of the IP address in the
> list (1.list), then instead of echo 'banned'; the surfer is redirected to
> another webpage.
>
> Thank you
>
> <?php
> $IP = $_SERVER['REMOTE_ADDR'];
> $IP_array = file('../info/1.list');
> $IP_array = str_replace("\n ", "", $IP_array);
> $IP_array = str_replace("\r ", "", $IP_array);
> foreach ($IP_array as $IP_test) {
> if (substr_count($ IP, $IP_test) != "0") {
>
> echo 'banned';
>
> die();
> }
> }
> ************* REST OF THE SCRIPT *************
>
>[/color]
You can negate the the result of the "$IP_array as $IP_test" with the !

foreach (!($IP_array as $IP_test)) {

that should do the trick.


//Aho

Re: Tweaking a script

J.O. Aho wrote:[color=blue]
> You can negate the the result of the "$IP_array as $IP_test" with the
> !
> foreach (!($IP_array as $IP_test)) {
>[/color]

I don't think you can:

$a = array(1,2,3);

foreach (!($a as $num)) {
print $num;
}

Result:

Parse error: parse error, unexpected T_AS in [...] on line [...]


JW

Re: Tweaking a script

carmen wrote:[color=blue]
> Is there an easy way to tweak the file so that
> 1. If there is a match of the surfers IP address to one in the list
> (1.list), rather then get a banned message, the rest of the php
> script runs. 2. If the surfers IP address does not match any of the IP
> address in
> the list (1.list), then instead of echo 'banned'; the surfer is
> redirected to another webpage.
>[/color]

$IP = $_SERVER['REMOTE_ADDR'];
$IP_array = file('../info/1.list');
$IP_array = str_replace(arr ay("\n", "\r"), "", $IP_array);
if (!in_array($IP, $IP_array)) {
header("Locatio n: banned.php");
exit;
}


JW

Re: Tweaking a script


I think this is the easiest :
<?php
$IP = $_SERVER['REMOTE_ADDR'];
$IP_array = file('../info/1.list');

if (!array_search( $IP, $IP_array))
die ("Banned");
else
echo "welcome";

?>

regards,

Lorento
--

Re: Tweaking a script

lorento wrote:[color=blue]
> I think this is the easiest :
> <?php
> $IP = $_SERVER['REMOTE_ADDR'];
> $IP_array = file('../info/1.list');
>
> if (!array_search( $IP, $IP_array))
> die ("Banned");
>[/color]

This way, the script will also die when $IP occupies the first index in the
array; therefore, you should apply the identity operator:

if (false !== array_search($I P, $IP_array))


JW

Re: Tweaking a script


"carmen" <dddd@kkdi.ck a> wrote in message
news:KU9hg.2469 37$P01.8300@pd7 tw3no...[color=blue]
>I came across this free script on the net that compares the IP address of a
>surfer to a list (1.list). If there is a match, the surfer gets the
>message banned. If there is no match, the rest of the php script runs.
>
> Is there an easy way to tweak the file so that
> 1. If there is a match of the surfers IP address to one in the list
> (1.list), rather then get a banned message, the rest of the php script
> runs.
> 2. If the surfers IP address does not match any of the IP address in the
> list (1.list), then instead of echo 'banned'; the surfer is redirected to
> another webpage.
>
> Thank you
>
> <?php
> $IP = $_SERVER['REMOTE_ADDR'];
> $IP_array = file('../info/1.list');
> $IP_array = str_replace("\n ", "", $IP_array);
> $IP_array = str_replace("\r ", "", $IP_array);
> foreach ($IP_array as $IP_test) {
> if (substr_count($ IP, $IP_test) != "0") {
>
> echo 'banned';
>
> die();
> }
> }
> ************* REST OF THE SCRIPT *************
>[/color]

Would this work?

<?php
$IP = $_SERVER['REMOTE_ADDR'];
$IP_array = file('../info/1.list');
$IP_array = str_replace("\n ", "", $IP_array);
$IP_array = str_replace("\r ", "", $IP_array);
foreach ($IP_array as $IP_test) {
if (substr_count($ IP, $IP_test) != "0") {

************* REST OF THE SCRIPT *************

die();
}
}
BANNED MESSAGE HERE

Re: Tweaking a script

carmen wrote:[color=blue]
> I came across this free script on the net that compares the IP address of a
> surfer to a list (1.list). If there is a match, the surfer gets the message
> banned. If there is no match, the rest of the php script runs.
>
> Is there an easy way to tweak the file so that
> 1. If there is a match of the surfers IP address to one in the list
> (1.list), rather then get a banned message, the rest of the php script runs.
> 2. If the surfers IP address does not match any of the IP address in the
> list (1.list), then instead of echo 'banned'; the surfer is redirected to
> another webpage.
>
> Thank you
>
> <?php
> $IP = $_SERVER['REMOTE_ADDR'];
> $IP_array = file('../info/1.list');
> $IP_array = str_replace("\n ", "", $IP_array);
> $IP_array = str_replace("\r ", "", $IP_array);
> foreach ($IP_array as $IP_test) {
> if (substr_count($ IP, $IP_test) != "0") {
>
> echo 'banned';
>
> die();
> }
> }
> ************* REST OF THE SCRIPT *************
>
>[/color]

Are you using Apache? If so - just use their configuration directives - either
in httpd.conf or .htaccess.

Much easier to use the correct tool for the job.

--
=============== ===
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attgl obal.net
=============== ===

Re: Tweaking a script

In message <KU9hg.246937$P 01.8300@pd7tw3n o>, carmen <dddd@kkdi.ck a>
writes[color=blue]
>I came across this free script on the net that compares the IP address of a
>surfer to a list (1.list). If there is a match, the surfer gets the message
>banned. If there is no match, the rest of the php script runs.[/color]

I see you've got some responses already, which I hope you find helpful.

I just wanted to add that banning particular IP addresses probably won't
achieve very much. Here in the UK most Internet users use a dynamically
allocated IP address, and it's probably the same elsewhere. So, for
example, disconnecting from Internet and then reconnecting would give me
a different IP address.

And there are also services, such as
<http://www.anonymizer. com/home.html> that will 'hide' visitors IP
address from the website they're visiting.
--
Martin Jay
Phone/SMS: +44 7740 191877
Fax: +44 870 915 2124

Re: Tweaking a script

Martin

Just a heads up on this ... What actually works is to reverse your thinking
- you ban the anonymous users based on updated lists of anonymous proxies

I actually get it done at my firewall - we are a bit rude about it ... If
users come from any of the anonymous proxies around the world they just
don't see some of our managed servers - no redirection no nothing

Once an IP drops off the anonymous lists the users can get back in - there
are many publicly available anonymous proxy lists which you can use to block
with.

We find that we have greatly reduced the server attack attempts we are
getting - we also have a manually updated list of rogue IP which we clear on
a 3 monthly cycle

Cheers
moosus


in article KVs+hnGgEZhEFwz Y@spam-free.org.uk, Martin Jay at
martin@spam-free.org.uk wrote on 7/6/06 12:28 AM:
[color=blue]
> In message <KU9hg.246937$P 01.8300@pd7tw3n o>, carmen <dddd@kkdi.ck a>
> writes[color=green]
>> I came across this free script on the net that compares the IP address of a
>> surfer to a list (1.list). If there is a match, the surfer gets the message
>> banned. If there is no match, the rest of the php script runs.[/color]
>
> I see you've got some responses already, which I hope you find helpful.
>
> I just wanted to add that banning particular IP addresses probably won't
> achieve very much. Here in the UK most Internet users use a dynamically
> allocated IP address, and it's probably the same elsewhere. So, for
> example, disconnecting from Internet and then reconnecting would give me
> a different IP address.
>
> And there are also services, such as
> <http://www.anonymizer. com/home.html> that will 'hide' visitors IP
> address from the website they're visiting.[/color]

Re: Tweaking a script

In message <C0AC4B5B.6866% junk{@}fishingm onthly.com.au>, moosus
<junk{@}fishing monthly.com.au> writes[color=blue]
>Just a heads up on this ... What actually works is to reverse your thinking
>- you ban the anonymous users based on updated lists of anonymous proxies
>
>I actually get it done at my firewall - we are a bit rude about it ... If
>users come from any of the anonymous proxies around the world they just
>don't see some of our managed servers - no redirection no nothing
>
>Once an IP drops off the anonymous lists the users can get back in - there
>are many publicly available anonymous proxy lists which you can use to block
>with.
>
>We find that we have greatly reduced the server attack attempts we are
>getting - we also have a manually updated list of rogue IP which we clear on
>a 3 monthly cycle[/color]

I was talking to a friend about a similar thing yesterday.

He wasn't able to get a response from <http://www.jinglemad.c om/>, but I
could view it without any problems. We both use the same Internet
Provider. The only real difference between our setups is that I use a
dynamically allocated IP address and his is fixed. His trace route
ended with the following:

8 157 ms 153 ms 152 ms 209.51.149.109
9 111 ms 107 ms 105 ms l3-atl-8.gnax.net [209.51.131.18]
10 * * * Request timed out.

The same trace route for me ended with:

7 123 ms 124 ms 123 ms 209.51.149.109
8 110 ms 123 ms 110 ms l3-atl-8.gnax.net [209.51.131.18]
9 124 ms 123 ms 124 ms ice.dnsprotect. com [207.210.68.18]

My 'guess' is that his IP address has found its way onto a block list.

I suggested he tried <http://www.anonymizer. com/> to access the site and
it worked. :)

Apparently he's not been able to visit Jinglemad.com for three weeks
now, and thought it was down. :)
--
Martin Jay
Phone/SMS: +44 7740 191877
Fax: +44 870 915 2124