CREATE TABLE `banned_ip` (
`id` INT( 25 ) NOT NULL AUTO_INCREMENT PRIMARY KEY ,
`ip` VARCHAR( 25 ) NOT NULL ,
`reason` TEXT NOT NULL )
CONFIG.PHP
<?php
// config
$config['host'] = "localhost"; // host name of your mysql server
$config['user'] = "username"; // your mysql username
$config['pass'] = "password"; // your mysql password
$config['db'] = "database"; // the database your table is in.
// the @ sign is an error supressor, meaning we can use our own error messages, this connects and selects db
@mysql_connect("$config[host]","$config[user]","$config[pass]")
or die("There was an error connecting to the database, MySql said:<br />".mysql_error()."");
@mysql_select_db("$config[db]")
or die("There was an error connecting to the database, MySql said:<br />".mysql_error()."");
?>
Ban.php
<?php
include("connect.php");
$ip = $_SERVER['REMOTE_ADDR'];
$find_ip = mysql_query("SELECT * FROM banned_ip WHERE ip='$ip'");
$ban = mysql_fetch_array($find_ip);
if($ip == $ban['ip']){
die("You are banned from this site!");
else {
echo "Your Were not Banned";
$sql = "INSERT INTO user(ip) VALUES('$ip')";
}
?>
我正在做的是检查我的数据库是否有ip,如果它被禁止。如果没有被禁止,给他显示“你没有被禁止”并禁止他的消息。
将他的IP存储在数据库中。然后,如果他再次来到现场,将显示“你被禁止进入这个网站!”
通过这个我给每个IP只有一次访问我的内容。这个脚本有效吗?这个脚本不适合我。它不是禁止我的ip,而是不断向我显示我的内容。
答案 0 :(得分:2)
您正在使用不同的表格。您为banned_ip执行选择查询,以检查IP是否被禁止。但如果他没有被禁止,你会尝试插入用户表。这样您就可以记下所有被禁止的IP,但是不要选择它们。
此外,当您查询数据库时,执行SELECT *是不好的行为。只选择你需要的值(在这种情况下它甚至不重要,因为你检查他是否找到了ip的行)。
从来没有100%可靠的方法来阻止未登录的用户访问内容。如果您禁止知识产权,您可能会同时禁止几个人(如学校)。使用cookie(以及Sessions)效率不高,因为可以删除cookie。
<?php
include("connect.php");
$ip = $_SERVER['REMOTE_ADDR'];
$find_ip = mysql_query("SELECT ip FROM banned_ip WHERE ip='$ip'");
$ban = mysql_fetch_array($find_ip);
if($ip == $ban['ip']){
die("You are banned from this site!");
else {
echo "Your Were not Banned";
$sql = "INSERT INTO banned_ip (ip) VALUES('$ip')";
}
?>
答案 1 :(得分:0)
<?php> include "connect_to_mysql.php";
$proxy_headers = array(
'HTTP_VIA',
'HTTP_X_FORWARDED_FOR',
'HTTP_FORWARDED_FOR',
'HTTP_X_FORWARDED',
'HTTP_FORWARDED',
'HTTP_CLIENT_IP',
'HTTP_FORWARDED_FOR_IP',
'VIA',
'X_FORWARDED_FOR',
'FORWARDED_FOR',
'X_FORWARDED',
'FORWARDED',
'CLIENT_IP',
'FORWARDED_FOR_IP',
'HTTP_PROXY_CONNECTION'
);
foreach($proxy_headers as $x){
if (isset($_SERVER[$x])) die("You are using a proxy!");
}
$counter = 1873;
$MM_redirectLoginFailed = "sorry_search.php";
$MM_redirecttoReferrer = false;
$dynamicList="";
$dynamicListaa="";
$sql = mysql_query("SELECT * FROM ip WHERE ip LIKE '%54.36.%'");
$productCount = mysql_num_rows($sql); // count the output amount
if ($productCount > 0) {
// get all the product details
while($row = mysql_fetch_array($sql)){
$product_name = $row["ip"];
$counter++;
$sql2 = mysql_query("INSERT INTO bannedIp (bannedip_id, bannedip) VALUES ('".$counter."', '".$product_name."')") or die(mysql_error());
echo $sql2;
print($product_name);
}
} else {
header("Location: ". $MM_redirectLoginFailed );
}
$ip = $_SERVER['REMOTE_ADDR'];
$find_ip = mysql_query("SELECT * FROM bannedIp WHERE bannedip='$ip'");
$ban = mysql_fetch_array($find_ip);
if($ip == $ban['bannedip']){
die("You are banned from this site2!");
}
$ip_parts = explode (".", $_SERVER['REMOTE_ADDR']);
$parts = $ip_parts[0] . $ip_parts[1];
if($parts == 5436)
{
die("You are banned from this site1!");
}
<?>