Re: Security Needed!




"Arjen" <dont@xxxxxxx> wrote in message
news:newscache$9e0wui$zn01$1@xxxxxxxxxxxxxxxxxx
Blackhawk@xxxxxxxxxxxxxxxx wrote:
I have a guest book and someone is raising hell with me on it. I must
receive 50 entries a day and all bogus. Don't know why they have
picked my site but I have to do something now to correct the ongoing
problem.

I need a security feature for my guest book. I have seen some on other
boards where there is a series of letters and/or numbers only the human
eye can pick out and enter in order to submit an entry into the guest
book. Can someone direct me to the source of this security script in
PHP, please!

This is some really old code but it has been working for me for the last
few years. I just block their IP address, IP range and geographical location
:-) The MySQL table only has 150 entries so I'm not really concerned with
performance.

$ip = $_SERVER["REMOTE_ADDR"];

// override
// once the user optionally confirms the email address, allow is set to true
if ($user['allow']=="false"){

    // static IP: exact match against the deny table
    $sql = 'SELECT deny.id '
          .'FROM deny '
          .'WHERE deny.ip = "'.$ip.'" ';
    $query = mysql_query("$sql")
        or exit ("Ongeldige query " . mysql_error());
    if (mysql_num_rows($query)>0)
    {
        header("Location: geblokkeerd.php?r=statisch");
        exit;
    }

    // dynamic IP: address falls inside a denied range (begin..eind)
    $sql = 'SELECT deny.id '
          .'FROM deny '
          .'WHERE (begin<INET_ATON("'.$ip.'") AND INET_ATON("'.$ip.'")<eind)';
    $query = mysql_query("$sql")
        or exit ("Ongeldige query " . mysql_error());
    if (mysql_num_rows($query)>0)
    {
        header("Location: geblokkeerd.php?r=dynamisch");
        exit;
    }

    // geoip: look up the country for the address
    include ("../geoip/geoip.inc");
    $gi = geoip_open("$siteroot/geoip/GeoIP.dat",GEOIP_STANDARD);


I think you have to pay to get that database and code, don't you?
If anyone wants it, I have some code implemented that's free. It's only 97%
accurate. It uses geoip lite. I've turned it into an SQL DB, and I can send
you the SQL and PHP scripts. The SQL DB is 7MB uncompressed (1MB
compressed).



    /* set up array of banned country codes via
     * http://www.maxmind.com/app/iso3166
     */
    $banned = array ('A1', 'AE', 'AF', 'AL', 'AP', 'BA',
                     'BD', 'BO', 'BR', 'BS', 'CD', 'CF', 'CN',
                     'CU', 'ES', 'FM', 'IN', 'KH', 'LV', 'MY',
                     'RO', 'KP', 'KR', 'SK', 'TR', 'TW',
                     'UA', 'UZ', 'RU', 'AZ', 'PL');

    $country_code = geoip_country_code_by_addr($gi, $ip);
    geoip_close($gi);

    if (in_array ($country_code, $banned))
    {
        header("Location: geblokkeerd.php?r=geoip");
        exit;
    }

}
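
An added example, not part of the original thread and not either poster's code: the static and range deny-list checks from the quoted script, with the address validated and bound as a query parameter instead of concatenated into the SQL. The is_denied() name, the in-memory SQLite database with its sample rows, and ip2long() standing in for MySQL's INET_ATON() are assumptions made so the block runs on its own; the table and column names follow the thread.

```php
<?php
// Added example (not the poster's code). Returns the block reason used in the
// thread's redirect ("statisch", "dynamisch"), "invalid", or null if allowed.
function is_denied(PDO $db, string $ip): ?string
{
    // Refuse anything that is not a well-formed IPv4 address before it
    // reaches SQL or ip2long().
    if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
        return 'invalid';
    }

    // Static IP: exact match, value bound rather than concatenated.
    $stmt = $db->prepare('SELECT id FROM deny WHERE ip = :ip LIMIT 1');
    $stmt->execute([':ip' => $ip]);
    if ($stmt->fetchColumn() !== false) {
        return 'statisch';
    }

    // Dynamic IP: range match on the numeric form of the address, with the
    // same strict bounds as the thread's query (begin < ip < eind).
    $n = ip2long($ip); // assumes 64-bit PHP, where the result is non-negative
    $stmt = $db->prepare('SELECT id FROM deny WHERE begin < :lo AND :hi < eind LIMIT 1');
    $stmt->bindValue(':lo', $n, PDO::PARAM_INT);
    $stmt->bindValue(':hi', $n, PDO::PARAM_INT);
    $stmt->execute();
    if ($stmt->fetchColumn() !== false) {
        return 'dynamisch';
    }
    return null;
}

// Constructed sample data: one exact address and one range (documentation nets).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE deny (id INTEGER PRIMARY KEY, ip TEXT, begin INTEGER, eind INTEGER)');
$db->exec("INSERT INTO deny (ip, begin, eind) VALUES ('192.0.2.10', NULL, NULL)");
$ins = $db->prepare('INSERT INTO deny (ip, begin, eind) VALUES (NULL, ?, ?)');
$ins->execute([ip2long('198.51.100.0'), ip2long('198.51.100.255')]);

// Constructed inputs: exact hit, range hit, clean address, malformed string.
foreach (['192.0.2.10', '198.51.100.77', '203.0.113.5', '203.0.113.5" --'] as $ip) {
    echo $ip, ' => ', is_denied($db, $ip) ?? 'allowed', "\n";
}
```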

