Comments on: Basic IP Banning

By: Rocky

Rocky — Sat, 25 Jul 2009 09:26:16 +0000

$denyIP = array(‘192.168.1.100′, ‘192.168.2.*’, ‘192.168.3.10?’);

$_allowed = true;

// Loop through all IP addresses
foreach($denyIP as $dip){
$dip = str_replace(‘.’,'\.’,$dip);
$dip = str_replace(‘*’,’[0-9]{1,3}’,$dip);
$dip = str_replace(‘?’,’[0-9]{1}’,$dip);
if(ereg(“^{$dip}$”, $_SERVER[REMOTE_ADDR])) $_allowed = false;
}

if(!$_allowed) {

echo ‘You have been banned from this site. Sorry!’;
exit;

} else {
// Allow Access To The Website
}
?>

if (strpos($_SERVER['REMOTE_ADDR'], $dip) === 0) {
$_allowed = false;
}
// Run Check

By: Michael

Michael — Mon, 04 May 2009 15:52:49 +0000

You could use…

if (strpos($_SERVER['REMOTE_ADDR'], $dip) === 0) {
$_allowed = false;
}

… and not need to use the ’str_replace’ functions. To allow for wildcards, just stop the banned address earlier, i.e. ‘192.168.2′.

By: Daniel

Daniel — Wed, 24 Sep 2008 01:59:14 +0000

There is no SQL in this script so there are no possibilities of SQL injection.

By: anony

anony — Sat, 09 Aug 2008 16:24:27 +0000

This is a good script, though there is possibilities of SQL injection in places. Nice work though!

By: bazish

bazish — Thu, 26 Jun 2008 06:50:58 +0000

Excellent job, i like the way you explain your scripts and all are working accurately. which is proof of your high knowledge of PHP.
thanks for sharing all these scripts.

By: r

Fri, 04 Aug 2006 14:52:17 +0000

this is good web site