Page 1 of 1

Is anything wrong with this script?

Posted: Sun Mar 19, 2006 7:02 pm
by sleepwalker0
Anyway I'm still a very begginer in php and can you please tell me if you see any mistakes in this script.

This script is supose to bann people's IPs from a file.

Code: Select all

<?php
//Adds IPs to an IP banning file
$enter_ban = "//will be done later on"
$ban_file = 'banned.txt';
$ban_file = fopen($ban_file, 'a');
fwrite($ban_file, $enter_ban);
fclose($ban_file);
?>
and

Code: Select all

<?php
//this will bann IPs from banned.txt
$ban = fopen("banned.txt", "r");
$banned = fread($ban, 9000);
fclose($ban);
$banned_array = explode($ban);
if(in_array($banned_array, REMOTE_ADDR);
die("You have been banned" "/n" "Pleast contact system administrator if there has been a mistake");
?> 

Thanks, I'm really new so don't be too hard.

Posted: Sun Mar 19, 2006 8:08 pm
by alex.barylski
Banning based on IP doesn't work:

1) You could just use a proxy
2) You could spoof headers

Basically...authentication is the only way to "ban" someone from your site.

Posted: Sun Mar 19, 2006 8:54 pm
by sleepwalker0
Yes I know but I'll have both. Trust me from my expiriance people stop going to your site because its hard to find a working proxy and turn it on/off...I still want to have it so do you see any code problems?

Posted: Sun Mar 19, 2006 9:04 pm
by feyd
Your banning script is a bit loose, it's hard to tell if it will have problems, but on the surface. It will. It may have issues working on Windows platforms.

Your checking script has several flaws.
  1. what happens if there are more than 9000 bytes in the file?
  2. explode() requires two parameters.
  3. your parameters to in_array() are in the wrong order
  4. REMOTE_ADDR by default does not exist that I am aware of

Posted: Sun Mar 19, 2006 9:28 pm
by sleepwalker0
Just fixed it.

Code: Select all

<?php
$ban = fopen("banned.txt", "r");
$banned = fread($ban, 90000000);
fclose($ban);
$banned_array = explode("/n", $ban);
if(in_array(REMOTE_ADDR, $banned_array);
die("You have been banned" "<BR>" "Pleast contact system administrator if there has been a mistake");
?>
Can you please tell me if you see anything else wrong.

About REMOTE_ADDR do you know any place I can read about it, Im still in the smoke about those things, it seems that the video course I did skipped them.

Thx

Posted: Sun Mar 19, 2006 9:37 pm
by feyd
  1. What happens if the file is larger than 90000000 bytes?
  2. if you want to use newlines for the explode(), \n not /n.
  3. parse and logic errors on the if

Posted: Sun Mar 19, 2006 11:10 pm
by sleepwalker0
Sorry to ask for your help again :oops:
3. parse and logic errors on the if


1. What do you mean by that, some specific errors? Like what.
2. Can I NOT specify size in fread (read as much as there is)

Posted: Sun Mar 19, 2006 11:23 pm
by alex.barylski
sleepwalker0 wrote:Sorry to ask for your help again :oops:
3. parse and logic errors on the if


1. What do you mean by that, some specific errors? Like what.
2. Can I NOT specify size in fread (read as much as there is)
For starters you ended your IF statement in the second code block with a semi-colon...although syntactically (I believe allowed) it's bad practice!!!

Semi-colons are statement terminals...although syntactically allowed...it's bad practice in most cases...

switch, if, while, etc are not really statements (per se) they are constructs which control the flow or direction of statements. Conditionals, loops, etc as they are often called.

Constructs use { and } to group statements togather as code blocks.

You can specify the fread buffer size dynamically:

Code: Select all

fread($fp, filesize('banned.txt'));
Cheers :)

Posted: Sun Mar 19, 2006 11:31 pm
by sleepwalker0
wow great idea, thats fixed. Is there some kind of a thread which talks aobut what to use () {} " " ' '. Im getting really annoying trying to guess which one is which, although php is really fogiving and most of the time it doesnt make an error I'd like to know exactly.

Thanks

Posted: Mon Mar 20, 2006 12:06 am
by alex.barylski
talks about the use of what?

If you mean when to use () over {} etc...

Probably not, thats a really basic issue...if your confused about the basics you should start reading some introduction to programming in PHP articles or books.

PHP actually allows you to use {} [], etc...in a lot more ways than many languages, so it's probably best if you start searching google for beginner articles...

Posted: Mon Mar 20, 2006 9:39 am
by sleepwalker0
Well not like that, the thing I really forgot was when not to use anything when to use ' ' and when "" but I rewatched few begginer chapters and I'm fine. Thx