Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 14 of 14

Thread: Ban Ip Script

  1. #1
    Banned
    Join Date
    Oct 2008
    Posts
    136
    Thanks
    4
    Thanked 0 Times in 0 Posts

    Ban Ip Script

    Welcome to my advanced IP banning script tutorial, this script will also include
    an admin panel to allow for easy ban addition and removal.

    The first and formost step is making the mysql table, this will hold the bans.
    Code:
    Code:
    CREATE TABLE `banned` (
    `id` int(11) NOT NULL auto_increment,
    `ip` varchar(255) NOT NULL default '',
    `time` varchar(255) NOT NULL default '',
    `long` varchar(255) NOT NULL default '',
    `reason` text NOT NULL,
    PRIMARY KEY (`id`)
    ) ENGINE=MyISAM;
    First for the coding, we have to make the
    config file: config.php
    PHP Code:
    Code:
    <?php
    // config
    $config['host'] = "localhost"; // host name of your mysql server
    $config['user'] = "username"; // your mysql username
    $config['pass'] = "password"; // your mysql password
    $config['db'] = "database"; // the database your table is in.
    
    // the @ sign is an error supressor, meaning we can use our own error messages, this connects and selects db
    @mysql_connect("$config[host]","$config[user]","$config[pass]") or die("There was an error connecting to the database, MySql said:<br />".mysql_error()."");
    @mysql_select_db("$config[db]") or die("There was an error connecting to the database, MySql said:<br />".mysql_error()."");
    ?>
    That has our variables, and connects the the database, now we need to do the functions, make a new file and
    save it as func.ban.php
    Code:
    <?php
    // func.ban.php
    // checks the ip to see if it is banned
    function checkban($ip)
        {
            // querys database
            $q = mysql_query("SELECT * FROM `banned` WHERE `ip` = '$ip' LIMIT 1");
            $get = mysql_num_rows($q);
            // if found
            if ($get == "1")
                { 
                    // deny user access
                    $r=mysql_fetch_array($q);
                    die("You have been banned from this website until $r[legnth]. If you feel this is in error, please contact the webmaster.");
                }
        }
    // places a ban in the database
    function addban($ip,$reason,$legnth)
        {
            // get current time
            $time = time();
            // inserts code into database
            $insert = mysql_query("INSERT INTO `banned` (`ip`,`time`,`long`,`reason`) VALUES ('$ip', '$time', '$legnth', '$reason')") or die("Could not add ban.<br />".mysql.error()."");
            echo "The ip address, $ip, has been added to the ban list.";
        }
    // deletes a ban from the database
    function delban($id)
        {
            // runs a delete query
            $delete = mysql_query("DELETE FROM `banned` WHERE `id` = '$id' LIMIT 1") or die("Could not remove ban.<br />".mysql.error()."");
            echo "The ip address has been removed from the ban list.";
        }
    // lists the bans in the ban admin
    function listbans()
        { 
            // link to add ban
            echo "<a href='banadmin.php?x=add'>Add Ban</a><p>";
            // loop to show all band
            $query = mysql_query("SELECT * FROM `banned` ORDER BY time DESC");
            $num = mysql_num_rows($query);
            if ($num)
                {
            while ($r=mysql_fetch_array($query))
                {
                    echo "$r[ip] - $r[reason] - <a href='banadmin.php?x=delete&id=$r[id]'>Delete</a><br />";
                }
                }
        }
    ?>
    Now we have to do the admin panel to this, make sure to place this in a secure directory.
    Save this file as banadmin.php
    Code:
    <?php
    // banadmin.php
    
    // include the files
    include "config.php";
    include "func.ban.php";
    // switch statement to do pages in admin
    switch ($_GET['x'])
        { 
           // if no page show bans
            default:
                listbans();
            break;
            // if add ban, show the form
            case "add":
                // if posted, insert it
                if ($_POST['add'])
                    {
                        $ip = $_POST['ip'];
                        if (!$ip)
                            {
                                echo "You must put an ip address at least";
                            }
                        addban($ip,$_POST[reason],$_POST[legnth]);
                    }
                // otherwise show form
                else
                    {
                        echo "Add a ban.<br />";
                        echo "<form method='post' action='banadmin.php?x=add'>";
                        echo "IP Address<br /><input type='text' name='ip'><br />";    
                        echo "Reason<br /><input type='text' name='reason'><br />";    
                        echo "Legnth<br /><input type='text' name='legnth'><br />";
                        echo "<input type='submit' name='add' value='Add Ban'>";
                    }
            break;
            // delete ban    
            case "delete":
                // got the id, preform the action
                if ($_GET['id'])
                    {
                        delban($_GET['id']);
                    }
                // show error
                else 
                    {
                        echo "No ip selected to remove";
                    }
            break;
        }
    ?>
    Now, add this code at the top of your page, before any content is displayed, and it will check for the bans.
    Code:
    <?
    include "config.php";
    include "func.ban.php";
    checkban($_SERVER['REMOTE_ADDR']);
    ?>

  • #2
    Banned
    Join Date
    Oct 2008
    Posts
    136
    Thanks
    4
    Thanked 0 Times in 0 Posts
    What you guys think??

  • #3
    Regular Coder Zangeel's Avatar
    Join Date
    Oct 2007
    Location
    public_html/
    Posts
    638
    Thanks
    17
    Thanked 79 Times in 79 Posts
    looks good, now how bout a script that'll block all proxies so they can't bypass it (:

  • #4
    Banned
    Join Date
    Oct 2008
    Posts
    136
    Thanks
    4
    Thanked 0 Times in 0 Posts
    You need a script so that it blocks proxies?

    Il get one for you.

  • #5
    Regular Coder
    Join Date
    Nov 2006
    Posts
    601
    Thanks
    1
    Thanked 2 Times in 2 Posts
    humm good but can be easly overcome by just settings ones router lol... new ip address is then assigned

  • #6
    Senior Coder kbluhm's Avatar
    Join Date
    Apr 2007
    Location
    Philadelphia, PA, USA
    Posts
    1,509
    Thanks
    3
    Thanked 258 Times in 254 Posts
    Quote Originally Posted by sith717 View Post
    You need a script so that it blocks proxies?

    Il get one for you.
    I'm sorry, but no one blocks IPs anymore. There is now account registration.

    Develop your site so that anyone can view certain data, but only registered users can view privileged data and interact with the site via forums, comments, polls, etc. Then if a user gets out of line, don't block their IP or a range of IPs that may punish other innocent visitors, block their account.

    Make their account the gateway to your site, not their dynamic IP.
    Last edited by kbluhm; 10-15-2008 at 05:00 PM.

  • #7
    Yay
    Yay is offline
    Regular Coder Yay's Avatar
    Join Date
    Oct 2008
    Location
    54° North, 1° West
    Posts
    102
    Thanks
    9
    Thanked 1 Time in 1 Post
    plus, cPanel can do all that.

  • #8
    Regular Coder
    Join Date
    Mar 2008
    Posts
    103
    Thanks
    1
    Thanked 8 Times in 8 Posts

    Macintosh

    here is a little bit of a tiny add on that makes it easy to appeal to a false ban:
    replace the checkbad with this version
    PHP Code:
    function checkban($ip)
        {
          global 
    $admin_email;
            
    // querys database
            
    $q mysql_query("SELECT * FROM `banned` WHERE `ip` = '$ip' LIMIT 1");
            
    $get mysql_num_rows($q);
            
    // if found
            
    if ($get == "1")
                { 
                    
    // deny user access
                    
    $r=mysql_fetch_array($q);
                    die(
    "You have been banned from this website until $r[legnth]. If you feel this is in error, please contact the webmaster at <a href=\"mailto:$admin_email\">$admin_email</a>.");
                }
        } 
    and add
    PHP Code:
    $admin_email "banappeal@mysite.com"
    to the config

    and if edits went well this should be a easy way for people to ban appeal

  • #9
    Regular Coder
    Join Date
    Mar 2008
    Posts
    103
    Thanks
    1
    Thanked 8 Times in 8 Posts
    Quote Originally Posted by kbluhm View Post
    I'm sorry, but no one blocks IPs anymore. There is now account registration.

    Develop your site so that anyone can view certain data, but only registered users can view privileged data and interact with the site via forums, comments, polls, etc. Then if a user gets out of line, don't block their IP or a range of IPs that may punish other innocent visitors, block their account.

    Make their account the gateway to your site, not their dynamic IP.
    sometimes you need to ban ips to prevent people from reregistering. what are you going to do then, emails are free to register at places like yahoo and you can keep making new email to register with. And your typical spammer will have no idea how to bypass most of this.

  • #10
    New to the CF scene
    Join Date
    Sep 2009
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Hey Guys,

    I just been working with this script today and found it to be very useful for what i need and i have been additions to it nothing big but would like to know if you can make a function like this

    Code:
    function addban($ip,$reason,$legnth)
        {
            // get current time
            $time = time();
            // inserts code into database
            $insert = mysql_query("INSERT INTO `banned` (`ip`,`time`,`long`,`reason`) VALUES ('$ip', '$time', '$legnth', '$reason')") or die("Could not add ban.<br />".mysql.error()."");
            echo "The ip address, $ip, has been added to the ban list.";
        }
    But to allow you to update database and also have a update form to go with it.

    The update form would be using text box to make changes and the text box's would also display the current data in the database...

    Code:
               echo "Edit a ban.<br />";
                        echo "<form method='post' action='banadmin.php?x=edit'>";
                        echo "IP Address<br /><input type='text' name='ip' value='ip' ><br />";    
                        echo "Reason<br /><input type='text' name='reason' value='reason' ><br />";    
                        echo "Legnth<br /><input type='text' name='legnth' value='legnth' ><br />";
                        echo "<input type='submit' name='edit' value='Edit Ban'>";

    Any possible way to do this as ive had a long day and well can't think no more..
    Last edited by tukaa; 09-01-2009 at 10:26 PM.

  • #11
    New to the CF scene
    Join Date
    Oct 2009
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Hi, I tryed this , but for some reason this code messes up my css , could someone help me figure out why this is happening ?

  • #12
    New to the CF scene
    Join Date
    Oct 2009
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by krypto_est View Post
    Hi, I tryed this , but for some reason this code messes up my css , could someone help me figure out why this is happening ?
    Anybody ????

    (sorry for dbl post)

  • #13
    Senior Coder
    Join Date
    Aug 2009
    Location
    Mansfield, Nottinghamshire, UK
    Posts
    1,555
    Thanks
    57
    Thanked 148 Times in 147 Posts
    i doubt it would mess up YOUR css as no styling is in place within these scripts. your css could be altering the output of these scripts.

    Without seeing your code we could not know what it is. Open a new thread.
    Website Design Mansfield
    PHP Code:
    function I_LOVE(){function b(&$b='P'){$b.='P';}function a($_){return $_++;}$b='P';define("B",'H');b($b=implode('',array($b=a($b),$b=a(B))));b($b);return $b;}
    echo 
    I_LOVE(); 

  • #14
    New Coder
    Join Date
    Jan 2011
    Posts
    85
    Thanks
    1
    Thanked 2 Times in 2 Posts
    Quote Originally Posted by krypto_est View Post
    Anybody ????

    (sorry for dbl post)
    Hey krypto.
    It doesn't mess up your css.
    you just don't know how to embed it.
    here's an example.

    Let's take this part since this is the main focus when someone is banned.

    <?php
    // func.ban.php
    // checks the ip to see if it is banned
    function checkban($ip)
    {
    // querys database
    $q = mysql_query("SELECT * FROM `banned` WHERE `ip` = '$ip' LIMIT 1");
    $get = mysql_num_rows($q);
    // if found
    if ($get == "1")
    {
    // deny user access
    $r=mysql_fetch_array($q);
    die("You have been banned from this website until $r[legnth]. If you feel this is in error, please contact the webmaster.");
    }
    }

    You must always code it with \" if they have any quotation marks, if you wish to not do that, then I suggest you use ' for now. ' does the same thing. now let's take the script and put in a css.

    <?php
    // func.ban.php
    // checks the ip to see if it is banned
    function checkban($ip)
    {
    // querys database
    $q = mysql_query("SELECT * FROM `banned` WHERE `ip` = '$ip' LIMIT 1");
    $get = mysql_num_rows($q);
    // if found
    if ($get == "1")
    {
    // deny user access
    $r=mysql_fetch_array($q);
    die("<LINK REL=\"stylesheet\" TYPE=\"text/css\" HREF=\"http://domain.com/Style.css\">You Are Now Banned!!!");
    }
    }

    Now we if you are trying to go out side of the boundaries let's say you are trying to give the banadmin.php a look on it, then you just have to put your css on top before the <?php ?> or behind it. This will do the same thing because it's already reading your css.

    now if your trying to give the func.ban.php a look from the bottom of the code, that is nearly impossible. It would duplicate your tables, links, codes and what not, so instead of having 1 complete layout, you would have a lot of layouts while trying to only get one.

    If your just having troubles embeding the css into the banned section, then just do what I said. If it's something else, then you might have screwed it up yourself. I love this script cuz I love to ban people who violate my terms of service.



  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •