Reply to Re: Ban Spamers IP Addresses

Your name:

Reply:


Posted by DrTebi on 09/28/05 16:19

On Mon, 19 Sep 2005 16:51:41 -0400, Andy wrote:

> I made a script to write all posted data by a form in CSV file. I did also a
> script to ban spammers IP Addresses. When banned spammer wants to use my
> form ito send a letter he gets a warning message. Unfortunately all spammers
> data he tried to send is recorded in CSV file. Please tell me how to modify
> my script so the spammer will get a warning message but his data will not be
> recorded after he press a send button. Thank you.
>
> This is a script to record data to CSV file (letters.CSV).
>
>
> $filename = "letters.csv";
> touch ("$filename");
> $fpc = fopen($filename, "a") or die ("Couldn't open $filename");
> fputs($fpc,"\n\"$_POST[from],\"
> $_POST[email],\"$_POST[message],");fclose($fpc);
>
>
> This is a script to ban IP Addresses :
>
> $ban_ip_on = "yes";
>
> $ban_ip_list = "111.222.33.55,
> 11.33.777.99,";
>
> if($ban_ip_on == "yes") {
>
> if(strstr($ban_ip_list, $HTTP_SERVER_VARS[REMOTE_ADDR])) {
> echo "<div align='center'><span class='contact6'> Error - Banned
> IP</span><br><br><span class='cbull'>&bull;
> </span><span class='contact5'>
> You cannot use this form because your IP address has been banned by the
> administrator.</span><br><br><input type=button value='&gt; &gt; Close
> Window &lt; &lt;'
> onClick=javascript:closewindow(); name='button'></div>";
> $error = "yes";
> }
> }
>
>
> if($error == "yes") {
> exit();
> }

Well,
I am not sure in what order you are running those scripts. However, you
could probably put them just in one script, and make sure the banning
stuff gets executed first:

$ban_ip_on = true;
$ban_ip_list = array('111.222.33.55', '11.33.777.99');

if($ban_ip_on === true) {
if(in_array($_SERVER['REMOTE_ADDR'], $ban_ip_list)) {
// IP is banned, show error page and exit
echo '<div align="center">';
echo '<span class="contact6">Error - Banned IP</span>';
echo '<br><br>';
echo '<span class="cbull">&bull;</span>';
echo '<span class="contact5">
You cannot use this form because your IP
address has been banned by the administrator.
</span>';
echo '<br><br>';
echo '<input type="button" value="&gt; &gt; Close Window &lt; &lt;" onClick="javascript:closewindow();" name="button">';
echo '</div>';
exit();
} else {
// IP is not banned, write stuff to CSV file
$filename = 'letters.csv';
touch ($filename);
$fpc = fopen($filename, 'a') or die ("Couldn't open $filename");
fputs($fpc, "\n\"$_POST[from],\"$_POST[email],\"$_POST[message],");
fclose($fpc);
// if you need to send out a mail now,
// you would put that necessary code
// for it here
}
}

Here is a couple notes on this:
- don't use double-quotes unless you really have a variable inside. It
will speed up your code, since with single quotes PHP does not have to
search for variables to translate in your strings
- use $_SERVER instead of $_HTTP_SERVER_VARS. That's the new way... it's
shorter to write. Also, quote your keys inside this as in
$_SERVER['REMOTE_ADDR']
- use an array for the ips, and search it with
in_array(). - use some indenting and don't write all HTML stuff on one
line, it just makes things easier to read and edit ;-) - you really should
check your POST variables before writing them to a file. People could post
dangerous things to your file otherwise.

I don't want to be a smart ass... just trying to help you write clean code :)

Cheers,
DrTebi

[Back to original message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация