Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- IP blocker that works on every php page by Diablo
- 1. create db+table
- 2. inset ip's to block manual or via admin.php
- 3. put include("block.php"); on every page you want the ip to be blocked
- SQL db:
- CREATE TABLE `ip_blocks` (
- `id` INT( 11 ) NOT NULL AUTO_INCREMENT,
- `ip_adres` VARCHAR( 20 ) NOT NULL ,
- `block_datum` VARCHAR( 20 ) NOT NULL ,
- PRIMARY KEY ( `id` )
- );
- admin.php (to insert ip's to block or do it manualy | Place this anywhere you want)
- <?
- //-- DB
- $mysqluser = "mysql_user";
- $mysqlpass = "mysql_pass";
- $mysqlhost = "localhost";
- $mysqldbdb = "mysql_database_name";
- if (!@mysql_select_db($mysqldbdb, @mysql_connect($mysqlhost, $mysqluser, $mysqlpass)))
- {
- echo "<b>error</b><p>";
- echo "No DB Connection couldbe made.";
- exit();
- }
- unset($mysqluser);
- unset($mysqlpass);
- unset($mysqlhost);
- unset($mysqldbdb);
- //-- define Table
- $table = "ip_blocks";
- if (!$_GET['ip'])
- {
- if ($_POST['ip_adres'])
- {
- $checksql = "SELECT id FROM " . $table . " WHERE ip_adres = '" . $_POST['ip_adres'] . "'";
- $checkres = mysql_query($checksql);
- //-- check for result
- if (mysql_num_rows($checkres) >= 1)
- {
- $error = "Allready exist";
- }
- //-- If no result move on
- else
- {
- //-- set current date
- $block_datum = date('d.m.Y');
- $sql = "INSERT INTO $table (id, ip_adres, block_datum) VALUES ('', '" . $_POST['ip_adres'] . "', '" . $block_datum . "')";
- $res = mysql_query($sql);
- if ($res)
- echo "IP adres " . $_POST['ip_adres'] . " is no Blocked.<p>Clik <a href=\"" . $_SERVER['PHP_SELF'] . "\">here</a> for the form.";
- //-- als het niet goed is gegaan
- else
- echo "IP adres " . $_POST['ip_adres'] . " will NOT be blocked.<p>Click <a href=\"" . $_SERVER['PHP_SELF'] . "\">here</a> for the form.";
- }
- }
- if (!$_POST['submit'] || $error)
- {
- if ($error)
- echo "The IP address <b>" . $_POST['ip_adres'] . "</b> is allready blocked.<p>";
- echo "Click<a href=\"" . $_SERVER['PHP_SELF'] . "?ip=all\">here</a> for all blocked IP's<p>";
- echo "<form method=\"post\" action=\"" . $_SERVER['PHP_SELF'] . "\">";
- echo "<B>Ip address:</b> <input type=\"text\" maxlength=\"20\" name=\"ip_adres\" value=\"" . htmlentities($_POST['ip_adres']) . "\"><br>";
- echo "<input type=\"submit\" name=\"submit\" value=\" Block \">";
- echo "</form>";
- }
- }
- else
- {
- if ($_GET['del'])
- {
- $sql = "DELETE FROM " . $table . " WHERE id = '" . $_GET['del'] . "'";
- $res = mysql_query($sql);
- if ($res)
- echo "IP adress is successfully removed.<p>Click <a href=\"" . $_SERVER['PHP_SELF'] . "?ip=all\">Here</a> for the list.";
- else
- echo "IP address is NOT removed.<p>Click <a href=\"" . $_SERVER['PHP_SELF'] . "?ip=all\">here</a> for the list.";
- }
- else
- {
- echo "Click <a href=\"" . $_SERVER['PHP_SELF'] . "\">here</a> to block an IP.<p>";
- $sql = "SELECT id,ip_adres,block_datum FROM " . $table . " ORDER BY id DESC";
- $res = mysql_query($sql);
- echo "<table border=\"1\" cellspacing=\"0\" cellpadding=\"5\" bordercolor=\"#000000\">";
- echo "<tr><td width=\"100\"><b>Ip address</b></td><td><b>Datum blokkade</b></td><td>Remove</td></tr>";
- if (mysql_num_rows($res) >= 1)
- {
- while ($row = mysql_fetch_array($res))
- {
- echo "<tr><td>" . $row['ip_adres'] . "</td><td>" . $row['block_datum'] . "</td><td><a href=\"" . $_SERVER['PHP_SELF'] . "?ip=all&del=" . $row['id'] . "\">del</a></td></tr>";
- }
- }
- //-- No blocked ip's yet msg
- else
- {
- echo "<tr><td colspan=\"3\">No Blocked IP's have been found.</td></tr>";
- }
- echo "</table>";
- }
- }
- ?>
- Block.php
- <?
- //-- connect to DB
- $mysqluser = "mysql_user";
- $mysqlpass = "mysql_pass";
- $mysqlhost = "localhost";
- $mysqldbdb = "mysql_database_name";
- if (!@mysql_select_db($mysqldbdb, @mysql_connect($mysqlhost, $mysqluser, $mysqlpass)))
- {
- echo "<b>error</b><p>";
- echo "Can't make connection to DB.";
- exit();
- }
- unset($mysqluser);
- unset($mysqlpass);
- unset($mysqlhost);
- unset($mysqldbdb);
- $table = "ip_blocks";
- //-- get ip from visitor
- $ipadres = $_SERVER['REMOTE_ADDR'];
- //-- check if ip from user is blocked
- $sql = "SELECT id FROM " . $table . " WHERE ip_adres = '" . $ipadres . "'";
- $res = mysql_query($sql);
- if (mysql_num_rows($res) >= 1)
- {
- //-- Block!!
- echo "You are blocked from this site. Pwned by ECO (change this :p :p)"; //change sentence :p
- exit();
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement