IP matching problem

Paragon

I am trying to log IPs for security reasons but I am having a problem with matching them.

For example say the persons IP is already logged I dont want to record it again. This is what is happening though. Instead of just recording one once its only recorded 1 IP then it stops working.

<?
include('config.php');

mysql_connect("$host","$username","$userpass");
mysql_select_db("$userdatabase");

if (getenv("HTTP_CLIENT_IP")){
$ip = getenv("HTTP_CLIENT_IP");
}
else
if(getenv("HTTP_X_FORWARDED_FOR")) {
$ip = getenv("HTTP_X_FORWARDED_FOR");
}
else
if(getenv("REMOTE_ADDR")){
$ip = getenv("REMOTE_ADDR");
}
else
$ip = "UNKNOWN";

   $ipquery = mysql_query("SELECT * FROM $banprefix");
    while($r=mysql_fetch_array($ipquery))
  {    

    $idip = $r["idip"];
    $loggedip = $r["loggedip"];
    $set = $r["set"];
  }
    if(!$ip=="$loggedip"){
    $addip = "INSERT INTO `$banprefix` (`loggedip`) VALUES ('$ip')";
    mysql_query($addip) or die(mysql_error());
      }
    if($set=="1"){
    echo "<META HTTP-EQUIV=\"refresh\" content=\"2;URL=HAH.html\">";
     exit;
}
?>

LordShryku

I could be wrong here but shouldn't

if(!$ip=="$loggedip"){ //this
if($ip != $loggedip) { //be this?

drawmack

<?
include('config.php');
mysql_connect("$host","$username","$userpass");
mysql_select_db("$userdatabase");

//giving this a bit of structure and cleaning it up
if (getenv("HTTP_CLIENT_IP")) {
    $ip = getenv("HTTP_CLIENT_IP");
} elseif (getenv("HTTP_X_FORWARDED_FOR")) {
    $ip = getenv("HTTP_X_FORWARDED_FOR");
} elseif(getenv("REMOTE_ADDR")) {
    $ip = getenv("REMOTE_ADDR");
} else {
    $ip = "UNKNOWN";
} //end if

//here we start changing
// 1) we don't want to process unknown ip addresses
if('UNKNOWN' != $ip) {
    //2) pull the sql into a variable
    //3) use a where clause right here that will determine
    //    if this ip has been logged.
    $sql = "SELECT count(idip) FROM $banprefix WHERE loggedip = '$ip'";
    $ipquery = mysql_query($sql);
    //4) has this ip been recorded?
    $exists = mysql_result($ipquery,0,0);

if(0 == $exists) {
    $sql = "INSERT INTO `$banprefix` (`loggedip`) VALUES ('$ip')";
   mysql_query($sql) or warn(mysql_errno . ": " . mysql_error());
} //end if

if(0 < $exists){
    echo "<META HTTP-EQUIV=\"refresh\" content=\"2;URL=HAH.html\">";
    exit;
} //end if
} //end if
?>

[/B][/QUOTE]

Paragon

Originally posted by LordShryku
I could be wrong here but shouldn't
if(!$ip=="$loggedip"){ //this
if($ip != $loggedip) { //be this?
[/B]

I tried that and it seems to work a little better now. Still getting my own double IPs shown though.

Paragon

Originally posted by drawmack

<?
include('config.php');
mysql_connect("$host","$username","$userpass");
mysql_select_db("$userdatabase");

//giving this a bit of structure and cleaning it up
if (getenv("HTTP_CLIENT_IP")) {
    $ip = getenv("HTTP_CLIENT_IP");
} elseif (getenv("HTTP_X_FORWARDED_FOR")) {
    $ip = getenv("HTTP_X_FORWARDED_FOR");
} elseif(getenv("REMOTE_ADDR")) {
    $ip = getenv("REMOTE_ADDR");
} else {
    $ip = "UNKNOWN";
} //end if

//here we start changing
// 1) we don't want to process unknown ip addresses
if('UNKNOWN' != $ip) {
    //2) pull the sql into a variable
    //3) use a where clause right here that will determine
    //    if this ip has been logged.
    $sql = "SELECT count(idip) FROM $banprefix WHERE loggedip = '$ip'";
    $ipquery = mysql_query($sql);
    //4) has this ip been recorded?
    $exists = mysql_result($ipquery,0,0);

if(0 == $exists) {
    $sql = "INSERT INTO `$banprefix` (`loggedip`) VALUES ('$ip')";
   mysql_query($sql) or warn(mysql_errno . ": " . mysql_error());
} //end if

if(0 < $exists){
    echo "<META HTTP-EQUIV=\"refresh\" content=\"2;URL=HAH.html\">";
    exit;
} //end if
} //end if
?>

[/B]

[/B][/QUOTE]

This always takes me to the refresh page.

I think I may not of explained well enough here let me say a little more maybe I can help.

idip is just the unuiqe row number its auto increment the loggedip is were the $ip needs to go and the set is either 0 or 1 0 being normal and 1 being banned.

Paragon

Used your other code you gave me. Now its putting in the IP in no matter what. I guess its doing more than 1 now.

 <? 
include('config.php'); 

mysql_connect("$host","$username","$userpass"); 
mysql_select_db("$userdatabase"); 

if (getenv("HTTP_CLIENT_IP")){ 
$ip = getenv("HTTP_CLIENT_IP"); 
} 
else 
if(getenv("HTTP_X_FORWARDED_FOR")) { 
$ip = getenv("HTTP_X_FORWARDED_FOR"); 
} 
else 
if(getenv("REMOTE_ADDR")){ 
$ip = getenv("REMOTE_ADDR"); 
} 
else 
$ip = "UNKNOWN"; 

   $ipquery = mysql_query("SELECT * FROM $banprefix"); 
    while($r=mysql_fetch_array($ipquery)) 
  {     

    $idip = $r["idip"]; 
    $loggedip = $r["loggedip"]; 
    $set = $r["set"]; 
  } 
    if($ip != $loggedip) {

$addip = "INSERT INTO `$banprefix` (`loggedip`) VALUES ('$ip')"; 
mysql_query($addip) or die(mysql_error()); 
  } 
if($set=="1"){ 
echo "<META HTTP-EQUIV=\"refresh\" content=\"2;URL=http://vampclan.com/HAH.html\">"; 
 exit; 
} 
?>

LordShryku

I get it now. Try something like this.

<?  

include('config.php');  

mysql_connect("$host","$username","$userpass");  

mysql_select_db("$userdatabase");  

if (getenv("HTTP_CLIENT_IP")){  

   $ip = getenv("HTTP_CLIENT_IP");  

}  

elseif(getenv("HTTP_X_FORWARDED_FOR")) {  

   $ip = getenv("HTTP_X_FORWARDED_FOR");  

}  

elseif(getenv("REMOTE_ADDR")){  

   $ip = getenv("REMOTE_ADDR");  

}  

else {  

   $ip = "UNKNOWN";
}

$matches=0;
$ipquery = mysql_query("SELECT * FROM ".$banprefix);
while($r=mysql_fetch_array($ipquery)) {      

   $idip = $r["idip"];  

   $loggedip = $r["loggedip"];  

   $set = $r["set"];

   if($ip == $loggedip) {
      $matches++;
      $matched=$set;
   }
}

if($matches == 0) {  

   $addip = "INSERT INTO `$banprefix` (`loggedip`) VALUES ('$ip')";  

   mysql_query($addip) or die(mysql_error());  

}
else {
   if( $matched == 1) { 
      echo "<META HTTP-EQUIV=\"refresh\" content=\"2;URL=http://vampclan.com/HAH.html\">";  

      exit;
   }
}  

?>

It just increments if it matches anything in the loop, if it does, it sets your ban as a unique variable

Paragon

It appears to work.. how did you do that I dont get that one?

LordShryku

I think the key was keeping it in the loop....

// variable to use for matches
$matches=0; 

$ipquery = mysql_query("SELECT * FROM ".$banprefix); 
while($r=mysql_fetch_array($ipquery)) {       

   $idip = $r["idip"];   

   $loggedip = $r["loggedip"];   

   $set = $r["set"]; 
   // if our ip matches, increment this and set $matched=$set
   if($ip == $loggedip) { 
      $matches++; 
      $matched=$set; 
   } 
} 


// Now after the loop, compare

// If nothing was matched, insert the ip
if($matches == 0) {   

   $addip = "INSERT INTO `$banprefix` (`loggedip`) VALUES ('$ip')";   

   mysql_query($addip) or die(mysql_error());   

} 
// otherwise, check if the ip is banned
else { 
   if( $matched == 1) {  

      echo "<META HTTP-EQUIV=\"refresh\" content=\"2;URL=http://vampclan.com/HAH.html\">";   

      exit; 
   } 
}

Paragon

Smart man I need to learn to think like that.

LordShryku

Originally posted by Paragon
Smart man I need to learn to think like that.

Bold words 😃

Paragon

Its obvious this darn PHP for dummies book sucks! 🙂

drawmack

for dummies books are intended to give a brief introduction and nothing more, I know cause I helped write one. This is too advanced for that book.

In case any one is wondering I was just really lucky one of the professors at my uni is the father of the girl who originally concieved of the idea.

Paragon

HAH you better put that on a application 😃 What book do you suggest then?

Paragon

Do you think there would be any reason this would give people a Page cannot be displayed message?

or a Duplicate entry '127' for key 1 ?