|
PHP - Blocking Ip Addresses Listed On External Sites
has anyone here ever seen these 2 sites?
IP DENY
TOR EXIT NODES with regard to the former, the domain has one page per country I believe. so, you can get listings for like say, China and Russia on these 2 pages: China: https://www.ipdeny.com/ipblocks/data/countries/cn.zone Russia: https://www.ipdeny.com/ipblocks/data/countries/ru.zone my question to folks here is, would this information be useful to me? I am putting together some website content that I do not want everyone in the world to see. And, it is possible that by some miracle, the sophisticated hacker world outside the USA will want to take it down and/or disrupt the service offerings of it if they find out that it exists. Anyone got any advice on whether these resources are even worth the effort to use? and if they are, what is the best way to leverage them? e.g. - when pulling info from the server DB to display content on the page, check this IP data first to see who they are and whether I will allow them or block them? thanks. Adam @requinix, I know we've talked about blocking illegitimate traffic before. and I know you said I can't ever get rid of all of it. but this is new info that I've run across. Just wondering what you guys think of this. =) Similar TutorialsHello, stristr('http://www.google.com/', 'google') doesn't work but stristr('http://localhost/test.html', 'sandro') works why is this? and how can I solve this problem?
<?php
include 'core/classes/Query.php';
include 'core/functions/recaptchalib.php';
$sqlQ = "SELECT * FROM `servers`";
$qResult = $database->query($sqlQ);
$i = 0;
while ($row = $qResult->fetch_assoc()) {
$query = new Query($row['address'], $row['query_port'], $row['engine']);
$info = $query->query();
if(!$info) {
$info = $query->return_false();
}
$details = array(
'players' => $info['players'],
'details' => $info['details']
);
$details = json_encode($details);
$update = $database->prepare("UPDATE `servers` SET `status` = ?, `online_players` = ?, `maximum_online_players` = ?, `map` = ?, `details` = ?, `cachetime` = unix_timestamp() WHERE `server_id` = {$row['server_id']}"
$update->bind_param('sssss', $query->status, $info['general']['online_players']['value'], $info['general']['maximum_online_players']['value'], $info['general']['map']['value'], $details)
$update->execute(); }
?>
What I'm trying to accomplish is query every server & update every one of the rows for each server listed. This does nothing
( its a cronjob , as it has to run every 5 minutes , newbie so not entirely sure if this is event the right approach )
There is no SEO section so I do not know where exactly to ask this question, but here it is.
https://www.google.c...A#q=twitter.com
Do you see how Google lists Twitter results in two columbs underneath the main heading title? How does one achieve that result with their website? Does only Google decides to make it show up that way?
here my sample code
<form>
<input id="query" type="text" name="query" placeholder="search here..." autocomplete="off">
<button type="submit" value="query" >search</button>
<div class="sugbx"></div>
</form>
//php code, assume we already run a whole php code
......
<ul class="list-group list-unstyled" style="cursor:pointer; color: #191919; position:absolute; top:12px;">
<?php
foreach($query as $movie) {
?>
<li class="list-group-item" onClick="searchValue('<?php echo $movie["movie_name"]; ?>'),;"><?php echo $movie["movie_name"]; ?></li>
<?php } ?>
</ul>
<?php } ?>
//ajax here
$('#search').keyup(function(){
$.ajax({
type: 'GET',
url: 'phpcode.php',
data:'query='+$(this).val(),
success: function(data){
$('.sugbx').show();
$('.sugbx').html(data);
}
});
});
function searchValue(val) {
$('#query').val(val);
$('.sugbx').hide();
}
//ajax
the input accept the value only after selecting one of the listed value on the suggesstion box and then i have to click the submit button the problem is, how to submit the value accepted when a list is clicked I'm having trouble echoing $year in my script. Listed below is the script, just below ,$result = mysql_query("SELECT * FROM $dbname WHERE class LIKE '%$search%'") or die(mysql_error());, in the script I try to echo $year. It doesn't show up in the table on the webpage. Everything else works fine. Any help wold be appreciated greatly. Thanks in advance. <?php include 'config2.php'; $search=$_GET["search"]; // Connect to server and select database. mysql_connect($dbhost, $dbuser, $dbpass)or die("cannot connect"); mysql_select_db("vetman")or die("cannot select DB"); $result = mysql_query("SELECT * FROM $dbname WHERE class LIKE '%$search%'") or die(mysql_error()); // store the record of the "" table into $row //$current = ''; echo "<table align=center border=1>"; echo "<br>"; echo "<tr>"; echo "<td align=center>"; ?> <div style="float: center;"><a><h1><?php echo $year; ?></h1></a></div> <?php echo "</td>"; echo "</tr>"; echo "</table>"; // keeps getting the next row until there are no more to get if($result && mysql_num_rows($result) > 0) { $i = 0; $max_columns = 2; echo "<table align=center>"; echo "<br>"; while($row = mysql_fetch_array($result)) { // make the variables easy to deal with extract($row); // open row if counter is zero if($i == 0) echo "<tr>"; echo "<td align=center>"; ?> <div style="float: left;"> <div><img src="<?php echo $image1; ?>"></div> </div> <?php echo "</td>"; // increment counter - if counter = max columns, reset counter and close row if(++$i == $max_columns) { echo "</tr>"; $i=0; } // end if } // end while } // end if results // clean up table - makes your code valid! if($i > 0) { for($j=$i; $j<$max_columns;$j++) echo "<td> </td>"; echo '</tr>'; } mysql_close(); ?> </table> How can I block a text that contains only spaces? Right now I have done if ($body == "") { die("<font color='red'><font size='15'><strong><center>Your post did not contain any text!"); } But that's extremely insufficient, as any user can easily post " " Any ideas? Well people who hate my site have been coming on and making a site with my site maker . And instead of filling in proper info they put <script> which redirects. And when they finish it saves into mysql and when i view the list of sites it redirects me to another site, Anyone know what can solve this? Code: [Select] i have this to vlock bots out why is the pregmatch part receiving inserts of "http" ???? [cdoe] if (empty($_POST['Main']) && !empty($_POST['CustomerEmail']) && !preg_match("/http/i","$RequestText")) { mail($to, $subject, $message, $headers); $url_success = "confirmation.php"; echo("<meta http-equiv = refresh content=0;url=".$url_success.">"); } elseif (empty($email)) { exit(); } else { exit(); } Im having a little trouble with the script below. I get my three sql values returned fine, without a problem. The problem is that Im not sending any emails with it. Wether this is a problem with my syntax, headers, code ??? i dont know. Please go easy on my scripts, im a learning newbie. <html><body> <?php mysql_connect("***","***","***"); mysql_select_db("***") or die("Unable to select database"); $code = $_GET['postcode']; $message = $_GET['message']; $shortcode = substr($code,0,2); $subject = "subject here"; $result = mysql_query("SELECT email FROM treesurgeons WHERE postcode like '%" . $shortcode . "%' ORDER BY companyName LIMIT 3") or die(mysql_error()); echo "<h2>Business Names:</h2>"; while($row = mysql_fetch_assoc($result)) {$message .= "\r\n". $row['email'] ;} {$value = $row['email'].',';} rtrim($row, ','); $i = 0; {$i++; switch($i) {case 0:$value1 = $row['email']; break; case 1:$value2 =$row['email']; break; case 2:$value3 =$row['email']; break; }} $to = "$value1, $value2, $value3"; echo nl2br ($message); $headers = 'From: me@me.com' . "\r\n" . 'Reply-To: me@me.com' . "\r\n" . 'X-Mailer: PHP/' . phpversion(); mail( "$to", "$subject","$message", "$headers"); echo "<br>" . "Thank you for using our mail form."; ?></body></html> Hi there, I have a newsletter sign up form which just puts the data (id and email) into a mysql table. To stop people hacking the site, is there a way to make sure the only thing being submitted in the input is an email address? Here's my current form and submit php: Code: [Select] <?php $mailer = $_GET['mailer']; if ($mailer == 'added') { $email=$_POST['email']; if($email == '') { echo '<div class="daily_not_submitted"><span style="padding-right:6px;"><img src="https://store.huhmagazine.co.uk/images/cross.jpg"></span>Please fill in all the fields.</div>'; }else { $sql="INSERT INTO `dailymailer` (`email`) VALUES ('$email');"; $result=mysql_query($sql) or die(mysql_error()); if($result){ echo "<div class='daily_submitted'><span style='padding-right:6px;'><img src='http://www.huhmagazine.co.uk/images/uploaded/checkboxtick.jpg'></span>Thank you.</div>"; } else { echo "Error\n"; } } } ?> <div id="sidebarnewsletter"> <form name="mailinglist" method="post" action="?mailer=added"> <input type="text" name="email" class="sidebarnewsletter" placeholder="Enter Your Email Address" /> <input type="submit" class="sidebarnewsletter_button" value="Sign Up"> </form> <div class="clear"></div> </div> I could use some advice on how to capture and display my Users' Addresses. On my website, I display the User's... - Username - Photo - Location ...next to each Comment they post. Right now, I just have an *optional* field on my "Registration" form and "Update Details" form which ask for "Location". The problem, of course, is that that data isn't very useful beyond displaying it?! But at the same time, how do I capture Addresses from around the globe?! If all of my Users were in America, I would just do... - City - State - Zip ...but what do I do if someone is from Stuttgart, Germany?! My fear is a multinational Registration Form like this would scare people away... Quote (For Registrants in the U.S...) - City - State - Zip (For Registrants outside the U.S...) - City - State/Province/Region - Postal Code - Country And how would I handle the "Country" field? If I use a dropdown - which is usually recommended - then I'd have to maintain a very long and dynamic list, plus Users would have to scroll down through a list of a few hundred countries which my come across as *obnoxious*?! (I'm just trying to entice people to create a User Account, so I don't want to make it difficult!!) What is the best way to approach this? Thanks, Debbie Hi I have a couple of phpbb forums on my web space. One is randomly throwing people off and it is getting far worse. I have traced down the issue to the IP address. Phpbb stores the IP address and session id and checks that they match. If not it throws the user out. The session ids seem to be there OK, but the IP addresses aren't. When it causes a problem the IP address seems to be returned as "::" (yes, 2 colons). I have used the following routine to try and obtain a relevant IP address and it to returns "::" Code: [Select] function getRealIpAddr() { if (!empty($_SERVER['HTTP_CLIENT_IP'])) //check ip from share internet { $ip=$_SERVER['HTTP_CLIENT_IP']; } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) //to check ip is pass from proxy { $ip=$_SERVER['HTTP_X_FORWARDED_FOR']; } else { $ip=$_SERVER['REMOTE_ADDR']; } return $ip; } Any ideas? All the best Keith Im not sure if this is the correct section so sorry for that in advance, i have this URL on my website inside an iframe: http://gorillavid.com/cna/zwzcpyvcfi7j What im wanting to do is somehow either remove all the ads that are shown, or make sure all of the ads are muted and cant make any noise. is this possible? Seany im sure i am missing something simple. but this is killing me. i get this to work: Code: [Select] $url = (isset($_POST['url'])) ? $_POST['url'] : ''; $BlockedNames = array('nepwk', 'teleworm'); $BlockedDomains = array('nepwk.com', 'teleworm.com', 'yopmail.com', 'adf.ly', 'www.nepwk.com'); @list($name, $domain) = explode("http://", $url); else if(in_array($name, $BlockedNames) || in_array($domain, $BlockedDomains)) { $mesaj = "<div class=\"msg\"<div class=\"error\">Your URL has been blocked by our system!</div></div>"; } now the above works if i type the whole domain for every single url i want to block but i want to know is how would i add a catch all of sorts to the domain so say the domain is: http://www.google.com i want to block everything google so all of the following would be blocked as well http://www.google.com/whatever http://www.google.com/anything http://www.google.com/something i want all of those to be blocked automatically without having to add each individual one im trying to block adf.ly links which change for each person and each url they mask and i want to take proactive measure to just block them from being added into my form instead of having them added to my database then having to go and manually delete them. any questions or if this doesn't make sense let me know. thanks in advance (and maybe this is bad code im a noob so go easy ) I have found that when I go to a page on my website, it can cause my IP to get blocked for 1/2 hour by their servers. I have confirmed this by using a proxy to see the site is still up and running. I contacted tech support for the server and after hours and hours of not being able to identify the issue, their tech support accused me of writing bad PHP code. The code has not changed, and this has been a recent issue with the server (last few months). The web page queries a SQL database and displays many small thumbnails. So I took the code from that page, trimmed it down to just get the contents of the image directory and display the thumbnails. Very basic, whereas before it queried the database for specific images, and created thumbnails on the fly. And so the very basic page (link below) without all that extra stuff STILL causes my IP to be blocked from the site when I access the page. http://www.1966-67chargerregistry.com/gallery/indexTest.php Can you guys confirm that it's not a coding issue? Sure I could split up the images onto multiple pages, but there should be nothing here that a decent server can't handle, right? All thumbnails are 2-3 kb and there's typically maybe 1000 of them. Thanks!!! Re-factored PHP code below: <html> <head><title></title></head> <body> <table align="center" width="1000"> <?php //get contents of image directory so we can look for existing images later in loop $filePath = '../66pics/seppics'; $imageFiles = scandir($filePath); $output = ''; $added = 0; //walk through each of the directory image results for($i = 0; $i < count($imageFiles); $i++) { //only display thumbnail images if(substr($imageFiles[$i], 0, 1) == 'T' && strlen($imageFiles[$i]) > 10) { //save each image in a table cell to write out later $output .= chr(13).'<td><center><img src="'.$filePath.'/'.$imageFiles[$i].'"></center></td>'; $added++; //write out 7 pictures on each table row if($added%7 == 0) { echo chr(13).'<tr>'.$output.chr(13).'</tr>'; $output = ''; } } } //end for loop //output final incomplete line if(strlen($output) > 0) { echo chr(13).'<tr>'.$output.chr(13).'</tr>'; } ?> </table></body></html> Could somebody please point me in the right direction.... I want to block the US, AUS, NZ, CAN, IRE from the index.php of my site. But not the rest of the site. The following site (like many others) provides a pretty neat list for the htaccess http://www.ipinfodb.com/ip_country_block.php I did a test. I got the list for blocking the UK. After copying the UK list to my htaccess i couldn't view my site. The thing i don't get is... my ip address was not in the list but i was still blocked, The 1st 2 sets from my ip are '2.100' The only ip's in the list starting with 2 a deny from 2.24.0.0/13 deny from 2.96.0.0/13 deny from 2.120.0.0/12 deny from 2.136.0.0/13 How exactly is this all working? And what's the best way of blocking the above countries from just my index.php? Any links to manuals or anything here would be great... Thank You. John If I have a string like this: Code: [Select] Anne Somebody <anne@email.com>, John Smith <john@hotmail.co.uk>, bob Someoneelse <bob@email.it>is there a simple way of extracting the emails? I can do the explode and trim so I am really asking how to handle the Code: [Select] John Smith <john@hotmail.co.uk> in a reliable way. To be left with john@hotmail.co.uk Thanks, So, to keep this as short as possible, I am almost done making a website that lets visitors send already-made text messages to people. I just paid for hosting for the site, and they told me that I can only send 100 messages in one hour. This is fine as I was already intending on setting limits per ip address. So, I've set up MySQL and everything else works correctly. My only problem is that on the test script I've been working on over the weekend doesn't successfully check to see if an ip address exists in the database. Let me try and better explain what I need to do: I need the visitor's ip address to be logged on to the database the first time that they send a message in a day. (This part works.) But before it logs their ip address, it needs to check to see if it was already logged for the day. If their ip IS there then it will check to see how many messages they've sent today, if it is less than 5 then it will let them send the message and add 1 to the log. Otherwise it won't let them send the message. Tell me if it sounds too complicated. goodguybadguy.net they can tell when you enter an email address that hasnt been registered yet. how the hell are they doing this? does gmail or yahoo have some sort of database they allow access to for this? Hello, I'm attempting to write a PHP script to query WMI for an IP address of a host. The reason I'm doing this instead of getbyhostname is because NAT translations on the network can cause inaccurate results. The question is two-fold: 1) My Script is as follows <? $obj = new COM ( 'winmgmts://localhost/root/CIMV2' ); $wmi_network = $obj->ExecQuery("Select * From Win32_NetworkAdapterConfiguration"); foreach ( $wmi_network as $wmi_call ) { $ipaddr = $wmi_call->IPAddress; echo $ipaddr; } ?> I get the following error when running the script: Quote Catchable fatal error: Object of class variant could not be converted to string 2) How do I go about querying a remote host on the network with valid credentials? Thank you |
|||||||