Posted by Arjen on 02/18/06 16:32

Blackhawk@idonthaveone.com wrote:
> I have a guest book and someone is raising hell with me on it. I must
> receive 50 entries a day and all bogus. Don't know why they have
> picked my site but I have to do something now to correct the on going
> problem.
>
> I need a security feature for my guest book. I have seen some on other
> boards where there is a series a letters and or numbers only the human
> eye can pick out and enter in order to submit an entry into the guest
> book. Can someone direct me to the source of this security script in
> php, please!

This is some really old code but it has been working for me for the last
few years. I just blok their ip adress, ip range and geographical
location :-) The mysql table only has 150 entries so im not really
concerned with performace.

$ip = $_SERVER["REMOTE_ADDR"];

// override
// once the user optionally confirms the emailadress allow is set to true
if ($user[allow]=="false"){

// statisch ip
$sql = 'SELECT deny.id '
.'FROM deny '
.'WHERE deny.ip = "'.$ip.'" ';
$query = mysql_query("$sql")
or exit ("Ongeldige query " . mysql_error());
if (mysql_num_rows($query)>0)
{
header("Location: geblokkeerd.php?r=statisch");
exit;
}

// dynamisch ip
$sql = 'SELECT deny.id '
.'FROM deny '
.'WHERE (begin<INET_ATON("'.$ip.'") AND INET_ATON("'.$ip.'")<eind)';
$query = mysql_query("$sql")
or exit ("Ongeldige query " . mysql_error());
if (mysql_num_rows($query)>0)
{
header("Location: geblokkeerd.php?r=dynamisch");
exit;
}

// geoip
include ("../geoip/geoip.inc");
$gi = geoip_open("$siteroot/geoip/GeoIP.dat",GEOIP_STANDARD);

/* set up array of banned country codes via
* http://www.maxmind.com/app/iso3166
*/
$banned = array ('A1', 'AE', 'AF', 'AL', 'AP', 'BA',
'BD', 'BO', 'BR', 'BS', 'CD', 'CF', 'CN',
'CU', 'ES', 'FM', 'IN', 'KH', 'LV', 'MY',
'RO', 'KP', 'KR', 'SK', 'TR', 'TW',
'UA', 'UZ', 'RU', 'AZ', 'PL');

$country_code = geoip_country_code_by_addr($gi, $ip);
geoip_close($gi);

if (in_array ($country_code, $banned))
{
header("Location: geblokkeerd.php?r=geoip");
exit;
}



}

• Next in forum: flat file database manager
• Prev in forum: Setcookie problems
• Thread view: Re: Security Needed!

[Reply to this message]