Is anything wrong with this script?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
sleepwalker0
Forum Newbie
Posts: 17
Joined: Sun Feb 19, 2006 4:13 pm

Is anything wrong with this script?

Post by sleepwalker0 »

Anyway I'm still a very begginer in php and can you please tell me if you see any mistakes in this script.

This script is supose to bann people's IPs from a file.

Code: Select all

<?php
//Adds IPs to an IP banning file
$enter_ban = "//will be done later on"
$ban_file = 'banned.txt';
$ban_file = fopen($ban_file, 'a');
fwrite($ban_file, $enter_ban);
fclose($ban_file);
?>
and

Code: Select all

<?php
//this will bann IPs from banned.txt
$ban = fopen("banned.txt", "r");
$banned = fread($ban, 9000);
fclose($ban);
$banned_array = explode($ban);
if(in_array($banned_array, REMOTE_ADDR);
die("You have been banned" "/n" "Pleast contact system administrator if there has been a mistake");
?> 

Thanks, I'm really new so don't be too hard.
alex.barylski
DevNet Evangelist
Posts: 6267
Joined: Tue Dec 21, 2004 5:00 pm
Location: Winnipeg

Post by alex.barylski »

Banning based on IP doesn't work:

1) You could just use a proxy
2) You could spoof headers

Basically...authentication is the only way to "ban" someone from your site.
sleepwalker0
Forum Newbie
Posts: 17
Joined: Sun Feb 19, 2006 4:13 pm

Post by sleepwalker0 »

Yes I know but I'll have both. Trust me from my expiriance people stop going to your site because its hard to find a working proxy and turn it on/off...I still want to have it so do you see any code problems?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

Your banning script is a bit loose, it's hard to tell if it will have problems, but on the surface. It will. It may have issues working on Windows platforms.

Your checking script has several flaws.
  1. what happens if there are more than 9000 bytes in the file?
  2. explode() requires two parameters.
  3. your parameters to in_array() are in the wrong order
  4. REMOTE_ADDR by default does not exist that I am aware of
sleepwalker0
Forum Newbie
Posts: 17
Joined: Sun Feb 19, 2006 4:13 pm

Post by sleepwalker0 »

Just fixed it.

Code: Select all

<?php
$ban = fopen("banned.txt", "r");
$banned = fread($ban, 90000000);
fclose($ban);
$banned_array = explode("/n", $ban);
if(in_array(REMOTE_ADDR, $banned_array);
die("You have been banned" "<BR>" "Pleast contact system administrator if there has been a mistake");
?>
Can you please tell me if you see anything else wrong.

About REMOTE_ADDR do you know any place I can read about it, Im still in the smoke about those things, it seems that the video course I did skipped them.

Thx
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

  1. What happens if the file is larger than 90000000 bytes?
  2. if you want to use newlines for the explode(), \n not /n.
  3. parse and logic errors on the if
sleepwalker0
Forum Newbie
Posts: 17
Joined: Sun Feb 19, 2006 4:13 pm

Post by sleepwalker0 »

Sorry to ask for your help again :oops:
3. parse and logic errors on the if


1. What do you mean by that, some specific errors? Like what.
2. Can I NOT specify size in fread (read as much as there is)
alex.barylski
DevNet Evangelist
Posts: 6267
Joined: Tue Dec 21, 2004 5:00 pm
Location: Winnipeg

Post by alex.barylski »

sleepwalker0 wrote:Sorry to ask for your help again :oops:
3. parse and logic errors on the if


1. What do you mean by that, some specific errors? Like what.
2. Can I NOT specify size in fread (read as much as there is)
For starters you ended your IF statement in the second code block with a semi-colon...although syntactically (I believe allowed) it's bad practice!!!

Semi-colons are statement terminals...although syntactically allowed...it's bad practice in most cases...

switch, if, while, etc are not really statements (per se) they are constructs which control the flow or direction of statements. Conditionals, loops, etc as they are often called.

Constructs use { and } to group statements togather as code blocks.

You can specify the fread buffer size dynamically:

Code: Select all

fread($fp, filesize('banned.txt'));
Cheers :)
sleepwalker0
Forum Newbie
Posts: 17
Joined: Sun Feb 19, 2006 4:13 pm

Post by sleepwalker0 »

wow great idea, thats fixed. Is there some kind of a thread which talks aobut what to use () {} " " ' '. Im getting really annoying trying to guess which one is which, although php is really fogiving and most of the time it doesnt make an error I'd like to know exactly.

Thanks
alex.barylski
DevNet Evangelist
Posts: 6267
Joined: Tue Dec 21, 2004 5:00 pm
Location: Winnipeg

Post by alex.barylski »

talks about the use of what?

If you mean when to use () over {} etc...

Probably not, thats a really basic issue...if your confused about the basics you should start reading some introduction to programming in PHP articles or books.

PHP actually allows you to use {} [], etc...in a lot more ways than many languages, so it's probably best if you start searching google for beginner articles...
sleepwalker0
Forum Newbie
Posts: 17
Joined: Sun Feb 19, 2006 4:13 pm

Post by sleepwalker0 »

Well not like that, the thing I really forgot was when not to use anything when to use ' ' and when "" but I rewatched few begginer chapters and I'm fine. Thx
Post Reply