IP blocker that works on every php page by Diablo1. create db+table2. inse

1. IP blocker that works on every php page by Diablo
2.  
3. 1. create db+table
4. 2. inset ip's to block manual or via admin.php
5. 3. put    include("block.php");   on every page you want the ip to be blocked
6.  
7.  
8. SQL db:
9.  
10. CREATE TABLE `ip_blocks` (
11. `id` INT( 11 ) NOT NULL AUTO_INCREMENT,
12. `ip_adres` VARCHAR( 20 ) NOT NULL ,
13. `block_datum` VARCHAR( 20 ) NOT NULL ,
14. PRIMARY KEY ( `id` )
15. );
16.  
17.  
18.  
19.  
20.  
21. admin.php (to insert ip's to block or do it manualy | Place this anywhere you want)
22.  
23. <?
24.     //-- DB
25.     $mysqluser = "mysql_user";
26.     $mysqlpass = "mysql_pass";
27.     $mysqlhost = "localhost";
28.     $mysqldbdb = "mysql_database_name";
29.    
30.     if (!@mysql_select_db($mysqldbdb, @mysql_connect($mysqlhost, $mysqluser, $mysqlpass)))
31.     {
32.         echo "<b>error</b><p>";
33.         echo "No DB Connection couldbe made.";
34.         exit();
35.     }
36.    
37.     unset($mysqluser);
38.     unset($mysqlpass);
39.     unset($mysqlhost);
40.     unset($mysqldbdb);
41.    
42.     //-- define Table
43.     $table = "ip_blocks";
44.    
45.    
46.     if (!$_GET['ip'])
47.     {
48.        
49.         if ($_POST['ip_adres'])
50.         {
51.             $checksql = "SELECT id FROM " . $table . " WHERE ip_adres = '" . $_POST['ip_adres'] . "'";
52.             $checkres = mysql_query($checksql);
53.            
54.             //-- check for result
55.             if (mysql_num_rows($checkres) >= 1)
56.             {
57.                 $error = "Allready exist";
58.             }
59.             //-- If no result move on
60.             else
61.             {
62.                 //-- set current date
63.                 $block_datum = date('d.m.Y');
64.                
65.                 $sql = "INSERT INTO $table (id, ip_adres, block_datum) VALUES ('', '" . $_POST['ip_adres'] . "', '" . $block_datum . "')";
66.                 $res = mysql_query($sql);
67.                
68.                
69.                 if ($res)
70.                     echo "IP adres " . $_POST['ip_adres'] . " is no Blocked.<p>Clik <a href=\"" . $_SERVER['PHP_SELF'] . "\">here</a> for the form.";
71.                 //-- als het niet goed is gegaan
72.                 else
73.                     echo "IP adres " . $_POST['ip_adres'] . " will NOT be blocked.<p>Click <a href=\"" . $_SERVER['PHP_SELF'] . "\">here</a> for the form.";
74.             }
75.         }
76.        
77.         if (!$_POST['submit'] || $error)
78.         {
79.            
80.             if ($error)
81.                 echo "The IP address <b>" . $_POST['ip_adres'] . "</b> is allready blocked.<p>";
82.            
83.             echo "Click<a href=\"" . $_SERVER['PHP_SELF'] . "?ip=all\">here</a> for all blocked IP's<p>";
84.            
85.             echo "<form method=\"post\" action=\"" . $_SERVER['PHP_SELF'] . "\">";
86.             echo "<B>Ip address:</b> <input type=\"text\" maxlength=\"20\" name=\"ip_adres\" value=\"" . htmlentities($_POST['ip_adres']) . "\"><br>";
87.             echo "<input type=\"submit\" name=\"submit\" value=\" Block \">";
88.             echo "</form>";
89.         }
90.     }
91.    
92.     else
93.     {
94.        
95.         if ($_GET['del'])
96.         {
97.            
98.             $sql = "DELETE FROM " . $table . " WHERE id = '" . $_GET['del'] . "'";
99.             $res = mysql_query($sql);
100.            
101.            
102.             if ($res)
103.                 echo "IP adress is successfully removed.<p>Click <a href=\"" . $_SERVER['PHP_SELF'] . "?ip=all\">Here</a> for the list.";
104.            
105.             else
106.                 echo "IP address is NOT removed.<p>Click <a href=\"" . $_SERVER['PHP_SELF'] . "?ip=all\">here</a> for the list.";
107.         }
108.        
109.         else
110.         {
111.             echo "Click <a href=\"" . $_SERVER['PHP_SELF'] . "\">here</a> to block an IP.<p>";
112.            
113.            
114.             $sql = "SELECT id,ip_adres,block_datum FROM " . $table . " ORDER BY id DESC";
115.             $res = mysql_query($sql);
116.            
117.            
118.             echo "<table border=\"1\" cellspacing=\"0\" cellpadding=\"5\" bordercolor=\"#000000\">";
119.             echo "<tr><td width=\"100\"><b>Ip address</b></td><td><b>Datum blokkade</b></td><td>Remove</td></tr>";
120.            
121.            
122.             if (mysql_num_rows($res) >= 1)
123.             {
124.                
125.                 while ($row = mysql_fetch_array($res))
126.                 {
127.                     echo "<tr><td>" . $row['ip_adres'] . "</td><td>" . $row['block_datum'] . "</td><td><a href=\"" . $_SERVER['PHP_SELF'] . "?ip=all&del=" . $row['id'] . "\">del</a></td></tr>";
128.                 }
129.             }
130.             //-- No blocked ip's yet msg
131.             else
132.             {
133.                 echo "<tr><td colspan=\"3\">No Blocked IP's have been found.</td></tr>";
134.             }
135.            
136.             echo "</table>";
137.         }
138.     }
139. ?>
140.  
141.  
142.  
143.  
144.  
145.  
146.  
147. Block.php
148.  
149. <?
150.     //-- connect to DB
151.     $mysqluser = "mysql_user";
152.     $mysqlpass = "mysql_pass";
153.     $mysqlhost = "localhost";
154.     $mysqldbdb = "mysql_database_name";
155.    
156.     if (!@mysql_select_db($mysqldbdb, @mysql_connect($mysqlhost, $mysqluser, $mysqlpass)))
157.     {
158.         echo "<b>error</b><p>";
159.         echo "Can't make connection to DB.";
160.         exit();
161.     }
162.    
163.     unset($mysqluser);
164.     unset($mysqlpass);
165.     unset($mysqlhost);
166.     unset($mysqldbdb);
167.    
168.    
169.     $table = "ip_blocks";
170.    
171.     //-- get ip from visitor
172.     $ipadres = $_SERVER['REMOTE_ADDR'];
173.    
174.     //-- check if ip from user is blocked
175.     $sql = "SELECT id FROM " . $table . " WHERE ip_adres = '" . $ipadres . "'";
176.     $res = mysql_query($sql);
177.    
178.    
179.     if (mysql_num_rows($res) >= 1)
180.     {
181.         //-- Block!!
182.         echo "You are blocked from this site. Pwned by ECO (change this :p :p)"; //change sentence :p
183.         exit();
184.     }
185.    
186. ?>