I am writing an admin area script for my news project script
and wanted to create something that could block any access
other then myself to the admin area.
Of course... besides this function there are other checks, but this should
stop first and hopefully always first.
So I post here to get a possible critique on my new function if possible
This grabs the IP set in database, then denies all unless the IP matches
what was set. And yes, for alot of people this function wouldnt work,
but for me and other lucky people with an ISP that gives an IP
that always stays the same... well it works good!
Code: Select all
function vf_news_admin_checker()
{
$err = 'there has been an error';
$sql = mysql_query("SELECT value FROM table WHERE foo='boo'") or die ($err);
while($vfn_admin_check = mysql_fetch_array($sql)){
$vfn_admin_ip = $vfn_admin_check['value'];
if ( !empty($vfn_admin_ip) ) //IF NO IP IS SET THEN ALL BELOW IS BYPASSED
{
$host = $_SERVER['REMOTE_ADDR']; //EQUALS YOUR IP AS SHOWN FROM BROWSER
if ( $host == $vfn_admin_ip ) //IF YOUR IP MATCHES THE IP SET THEN ADMIN ACCESS IS GIVEN
{
echo "some welcome message?";
}else{ //IF THE IP DOESNT MATCH THEN DENY THE ATTEMPT AND INSERT USER INFO TO DATABASE
@mysql_query ("INSERT INTO table (row) VALUES ('$host')");
echo "Some deny message to the user here ";
die();
}
}
}
}But even if it can be easy, it would be alot harder for anyone to
know the IP address of the site owner.. unless they were friends or something.