Page 1 of 1

Help, Blocking External IP addresses

Posted: Fri Jan 06, 2006 8:41 am
by mhouldridge
Hi,

I am trying to create a security script which onyl allows certain IP addresses. Here is my scripts so far;

Code: Select all

// Assign user's IP address to $ip variable
$ip = $_SERVER["REMOTE_ADDR"];

// Create array of allowed IP addresses
$ips[1] = '212.123.123.1';
$ips[2] = '212.123.123.2';
$ips[3] = '212.123.123.3';

// Assign $access variable value of zero
$access = 0;

// For loop to run through each array item and get result
for($i = 0; $i < count($ips); $i++) {

// If users IP address is found within IP loop then add 1 to access variable  
  if ($ip == $ips[$i]){
  $access++;
  echo $access;
  }

// if access variable = 1 then redirect to a website 
  else{
  header("http://www.something.com");
}

// close for loop
}
I get the following errors;
Notice: Undefined offset: 0 in C:\Audit\index.php on line 21

Warning: Cannot modify header information - headers already sent by (output started at C:\Audit\index.php:21) in C:\Audit\index.php on line 28

Warning: Cannot modify header information - headers already sent by (output started at C:\Audit\index.php:21) in C:\Audit\index.php on line 28

Posted: Fri Jan 06, 2006 8:47 am
by hawleyjr
You are creating a loop that starts at zero however, your ip array starts at 1.

Why not try it like this:

Code: Select all

$ips['212.123.123.1'] = TRUE;
$ips['212.123.123.2'] = TRUE;
$ips['212.123.123.3'] = TRUE;


if(!isset($ips[$ip])){
//kick user out!
}

Posted: Fri Jan 06, 2006 9:04 am
by Jenk

Code: Select all

<?php

$ips = array('212.123.123.1', '212.123.123.2', '212.123.123.3');

if (in_array($_SERVER['REMOTE_ADDR'], $ips)) {
    echo "Welcome!";
} else { 
    echo "Be gone!";
}

?>
but the remote addr can be spoofed with relative ease so it's not as secure as one would hope.

Re: Help, Blocking External IP addresses

Posted: Fri Jan 06, 2006 4:27 pm
by Zoxive
mhouldridge wrote:Hi,

I am trying to create a security script which onyl allows certain IP addresses. Here is my scripts so far;

Code: Select all

// Assign user's IP address to $ip variable
$ip = $_SERVER["REMOTE_ADDR"];

// Create array of allowed IP addresses
$ips[1] = '212.123.123.1';
$ips[2] = '212.123.123.2';
$ips[3] = '212.123.123.3';

// Assign $access variable value of zero
$access = 0;

// For loop to run through each array item and get result
for($i = 0; $i < count($ips); $i++) {

// If users IP address is found within IP loop then add 1 to access variable  
  if ($ip == $ips[$i]){
  $access++;
  echo $access;
  }

// if access variable = 1 then redirect to a website 
  else{
  header("http://www.something.com");
}

// close for loop
}
I get the following errors;
Notice: Undefined offset: 0 in C:\Audit\index.php on line 21

Warning: Cannot modify header information - headers already sent by (output started at C:\Audit\index.php:21) in C:\Audit\index.php on line 28

Warning: Cannot modify header information - headers already sent by (output started at C:\Audit\index.php:21) in C:\Audit\index.php on line 28
Notice: Undefined offset: 0 in C:\Audit\index.php on line 21

Code: Select all

$ips[1] = '212.123.123.1';
$ips[2] = '212.123.123.2';
$ips[3] = '212.123.123.3';
You forgot to start out at 0, or you could just change ..

Code: Select all

for($i = 0; $i < count($ips); $i++) {
To .

Code: Select all

for($i = 1; $i < count($ips); $i++) {

-NSF

Posted: Mon Jan 09, 2006 5:24 am
by mhouldridge
Thanks guys!

I have altered it to check within the array if the ip address exists using in_array function.

I suppose I could do the same with MAC addresses. Is there a way I can obtain the local mac address?


regards

Posted: Mon Jan 09, 2006 9:12 am
by feyd
MAC addresses are not transmitted.