Foreach loops through an array - in this case $banned_IP.
You would declare $banned_IP then run the check code.
For example, suppose you have a users table which lists name, pass and other details: if you could add a column for IP to each user row as well as a column to flag if the user is banned (say 0=OK, 1=banned). You could get an array of banned IPs with the query:
Code: Select all
<?php
$mysql = "SELECT IP_address from users WHERE banned='1'";
$query = mysql_query($mysql) or die('Cannot query the database.<br />' . mysql_error());
?>
..and then:
Code: Select all
<?php
$banned_IP = mysql_fetch_row($query);
// loop through array
foreach ($banned_IP as $value) {
// check for match against current visitor's IP
IF ($_SERVER["REMOTE_ADDR"] == $value) {
// kill the script if a match is found
die ("Your IP is banned!");
}
}
echo "Welcome!";
// ...etc - rest of your script
?>
Doing it this way means you don't have to hard-code IP addresses into your script - that would work but it isn't a GOOD way to work.
Remember that not everybody has a static IP so you can't rely on banning by IP.
What I do is log IP at every user login. First I check if the IP is already stored - if so do nothing. If not, it gets added to the list.
If a user has a static IP, the column will show just one or two values (he may be using a couple of PCs or may have more than one ISP).
If it's a dynamic IP, the column will fill up with a whole range of values (you might want to limit its size) all with the same initial number string.
You can ban static IPs but you can't ban a user with a dynamic IP. You could possibly put a temporary ban on any IP matching the initial number sequence: that might just put off someone who isn't too determined but it potentially excludes many other legitimate visitors so you wouldn't want to leave it on for long. Might be useful on a quiet site, but never on a very busy one.
There isn't any foolproof method ban control method that I know of but you could possibly add to IP checking by attempting to set a "permanent" cookie on a banned users machine next time he visits, and check for that. You never know, they just might not be bright enough to realise it's there..
Oh and there are proxies to think about as well, but I'm getting slightly out of my depth here so I'll leave that for someone else.